facebook-pl-5b1aed4d

A phishing kit using fake and alarming news articles to trick users into giving away their Facebook login credentials.

References

https://urlscan.io/result/5b1aed4d-e436-4849-8c76-9ff9a6638902
https://urlscan.io/result/0a95517f-9263-46d0-82ab-8c52bb40b13d

IOK Rule (edit)

title: facebook-pl-5b1aed4d
description: |
  A phishing kit using fake and alarming
  news articles to trick users into
  giving away their Facebook login 
  credentials.
level: potentially_malicious
references:
  - https://urlscan.io/result/5b1aed4d-e436-4849-8c76-9ff9a6638902
  - https://urlscan.io/result/0a95517f-9263-46d0-82ab-8c52bb40b13d

detection:

  embeddedVideo:
    requests|contains: 'https://www.youtube.com/embed/3rH4-ib6IxQ'
    
  condition: embeddedVideo
  
tags:
  - target_country.poland
  - target.facebook