Fans of cosplayer and vlogger Alodia Gosiengfiao were targeted in a recent phishing scheme that harvests Facebook credentials. The hacker behind the attack got the idea after followers of Gosiengfiao started sharing their email addresses on her official Facebook Page.
Alodia initially posted a public invitation on her Facebook Page to join the online game Among Us. Her fans freely shared their email addresses on the post, which also attracted hackers who saw a pool of accounts they could phish.
Later that day, Alodia received a number of reports from people saying they couldn't access the link sent to their email accounts. Upon further checking, the hackers were already on the move: they had sent out emails containing a malicious link.
One of the screenshots shared by a follower showed the list of email addresses that received the phishing mail. The mail came from the Gmail account alodia[.]amongusgame[@]gmail[.]com, and Alodia denied sending it. According to the social media star, her official email is alodia[@]gmail[.]com.
The Among Us phishing email asks recipients to join a Facebook Group via an embedded link. The link actually redirects to a Facebook phishing page at this URL: hxxp://amongusgroupchat[.]byethost4[.]com/?id=facebook
Those who successfully accessed the landing page, especially via mobile, may not have noticed the URL and simply logged in with their Facebook credentials. Doing so put their Facebook accounts in danger, as the hackers behind this scheme received those credentials on the backend.
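The two tells described above, a sender that borrows the official name and a "Facebook" link hosted off Facebook, can be checked mechanically. The Python below is an added example, not part of the original report; the function names and the list of Facebook domains are assumptions, and the indicators are the defanged ones quoted in this article.

```python
from urllib.parse import urlsplit

# Official address as stated in the article (defanged); domain list is an assumption.
OFFICIAL_SENDER = "alodia[@]gmail[.]com"
FACEBOOK_DOMAINS = ("facebook.com", "fb.com")

def refang(value):
    """Turn a defanged indicator (hxxp, [.], [@]) back into a parseable form."""
    for old, new in (("[.]", "."), ("[@]", "@"),
                     ("hxxp://", "http://"), ("hxxps://", "https://")):
        value = value.replace(old, new)
    return value

def on_domain(host, domains):
    """True only for the domain itself or a real subdomain of it."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

def check_sender(sender, official=OFFICIAL_SENDER):
    """Flag an address that reuses the official name but is a different mailbox."""
    sender, official = refang(sender).lower(), refang(official).lower()
    name = official.split("@")[0]
    if sender != official and name in sender.split("@")[0]:
        return f"look-alike sender {sender} (official is {official})"
    return None

def check_link(url):
    """Flag links that mention Facebook but are not hosted on a Facebook domain."""
    parts = urlsplit(refang(url))
    host = parts.hostname or ""
    if on_domain(host, FACEBOOK_DOMAINS):
        return []
    findings = []
    if "facebook" in f"{host}{parts.path}?{parts.query}".lower():
        findings.append(f"Facebook referenced on non-Facebook host {host}")
    if parts.scheme != "https":
        findings.append("link is served over plain HTTP")
    return findings

def triage(sender, links):
    """Collect every finding for one message."""
    findings = [f for f in [check_sender(sender)] if f]
    for link in links:
        findings += check_link(link)
    return findings

if __name__ == "__main__":
    # Indicators as quoted (defanged) in the article.
    link = "hxxp://amongusgroupchat[.]byethost4[.]com/?id=facebook"
    print(triage("alodia[.]amongusgame[@]gmail[.]com", [link]))
```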
Alodia has already apologized to her followers and shared screenshots of the malicious email. Her fans, in turn, suggested ways she could securely gather information for any future invitations.
For those who received the email, clicked the phishing link, and logged in with their Facebook credentials, we strongly suggest updating your passwords and enabling 2FA.
As of this writing, Google already blocks the phishing URL.