According to the latest research by Bkav, despite Facebook’s efforts on deleting virtual accounts, in Viet Nam, the act of using virtual accounts with sexy avatar to comment on purpose of phishing, robbing Facebook accounts still continuously increases. Bkav's statistics show that after 3 months, the number of such comments on Facebook has increased 3 times in comparision with the figure of December 2018.

Recently, Bkav has been receiving feedbacks and requirement for support from victims who are tricked or have lost Facebook accounts. Most cases happen under a common scenario; attacker uses a virtual account with a very sexy avatar to comment on the page or group with great number of followers. Due to being attracted by such avatars, the victim accessed to virtual Facebook profiles to view the information, which causes losing Facebook account.

To bypass Facebook's filter, avoid the comments being blocked or removed, attacker replaces or inserts special Unicode characters. After falling into the hands of the attackers, the victim's Facebook account is turned into a new trap. Unfortunately, the pages administered by the victim also vanish into thin air.

According to Bkav advisory, users should not click on links that are sent by or posted on the wall of untrust Facebook accounts. Even if the link is sent by a friend, users should check the information. In addition, users should turn on protection features on Facebook such as two-factor authentication, notification upon strange logins and so on.

Bkav