Hackers Use 'Honey Pot' Tactics on Facebook to Take Your Phone

Wednesday, 21 February 2018 - 11:37AM
Technology
Military Tech
Wednesday, 21 February 2018 - 11:37AM
Hackers Use 'Honey Pot' Tactics on Facebook to Take Your Phone
< >
Image credit: Pixabay

The early 2000s had fraudulent emails from Nigerian princes. The 2010s have seductive Facebook messages from hackers using fake profile pictures. It's a genius scheme for the social media age: everyone has five hundred friends, why not add one more? Especially an attractive one who is sending you flirtatious chats. Unfortunately, the cyber-security company Avast has revealed that some of these hackers are after more than the ability to spam your timeline with ads for natural male enhancement – they want to spy on you using your smartphone.

Here's how the scam works: a hacker uses a fake Facebook account that seemingly belongs to an attractive woman to message a male target with some flirty text, then asks them to download a new app so they can chat more "securely." (Always use protection, after all.) They send a download link to a (presumably modified) version of Kik, a chat app notorious for its connection to internet scams.

After turning off some security settings to let the app operate, it begins collecting the user's information – we're talking contact lists, call logs, texts, photos, and geolocation – and sending the data back to the hacker. It can also record your phone conversations in real-time, which means a hacker can (potentially) use your communications to figure out when you've caught on to the scam. This spyware has been identified as Tempting Cedar, which originally appeared in 2015.

After tracking down three Facebook accounts associated with the scam, Avast discovered that the culprits appear to be Lebanese hackers. These three accounts – going by the names Alona, Christina, and Rita – appear to interact with each other like normal friends (they like each other's posts, leave comments, and use emojis), but that's all a façade. By tracing the accounts' IP addresses and monitoring their hours of activity, Avast found that the users were located in the Middle East – not California, as they claimed. Most of the victims of the scam were also located in the Middle East, though other targets were found in the US, China, France, and Germany.

So next time you get a Facebook friend request from an unusually attractive stranger with no mutual friends and poor language skills, metaphorically swipe left. It's probably not the beginning of a beautiful romance.

Science
Science News
Technology
Military Tech
No