A new type of malware has been discovered in a spear-phishing campaign targeting marketing and HR professionals across social media platforms, specifically LinkedIn. According to reports, hackers identify businesses who use Facebook Ads and Business services, then reach out to their LinkedIn profiles, typically managed by Marketing or HR departments, in an effort to steal information stored on the target device.
Here’s how it works. Hackers seek out individuals they believe have administrator access to Facebook Business accounts, then start a conversation with them on LinkedIn. Using social engineering, the hackers convince the person to download a file hosted on a legitimate cloud hosting service. Once downloaded, the “Ducktail” malware scans for browser cookies to retrieve Facebook credentials and other sensitive business‑related information.
By gaining access to Facebook Business, hackers can take the credit card information on file and direct payments to their accounts or even run their own Facebook Ad campaigns. Since “Ducktail” is a unique type of malware and targets businesses through Facebook, it oftentimes goes unnoticed.
To ensure the safety of social media accounts and prevent privacy issues, financial loss and identity theft it’s important to consider the following cautionary measures:
- Be careful who you communicate with on social media
- Don’t click on any links or download any attachments
- Utilize two-factor/multi-factor authentication
- Set strong passwords
- Be selective with access, privilege and privacy settings
If you’re a Merrimack business customer and are concerned your personal or financial information was compromised, please call us directly at 603.225.2793.