In a recent attack, a copyright-themed fake Facebook email was used by malicious actors to target members of the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC).

What was inside the email?

  • The email displayed Facebook Business as its sender, and the email arrived with the subject line "Facebook Copyright #10034576734223762."
  • The body of the email informed EI-ISAC that Facebook had taken down some of its content, as the result of a copyright infringement. 
  • The email included a working Facebook link to provide additional context. 
  • The link was meant to serve the purpose of further increasing the chances of communication with the sender to get their login information.

Fake e-mail symptoms

There were a couple of glaring errors from the sender’s end.
  • The sender's email address, "metahelp1255@outlook[dot]com." indicates that something phishy going on as the domain name here is "outlook.com," not "facebook.com" or "meta.com."
  • The physical address included in the footer which states Meta/Facebook is located at "1 Facebook Way," is incorrect. Its headquarters' address is actually "1 Hacker Way."
 

Reasons behind the attack

  • The primary goal seems to be stealing Facebook login passwords and other information from EI-ISAC members.
  • Impersonation attacks can lead to misinformation like changes in polling hours and locations. 
  • Misinformation might lead to people missing out on the opportunity to vote.
  • Spread fear and uncertainty about the security of the vote.
  • Voters might just give up voting for that election cycle thus destabilizing the election process.

How to stay safe?

  • Investing in network monitoring and logging. 
  • Focus on security awareness training. 
  • Impart knowledge to employees to recognize common cyber hoax scams.

Final thoughts

Cybercriminals and their sophisticated attacks evolve every day, yet little can be done unless employees undertake regular security training. The EI-ISAC bears responsibility as well, as they have the authority to warn member organizations and raise awareness about recent assaults so that they can be mitigated and organizations can stay ahead of the game.
Cyware Publisher

Publisher

Cyware