Antoine Vincent Jebara recently discovered a new phishing campaign to which even the most vigilant users could fall victim. An increasing amount of websites are offering the ability to log in using Facebook which is a generally safe way to access a website. An attacker has taken the time to produce a site that looks identical to a Facebook prompt with green HTTPS, shadows, status and navigation bars, and even a link to Facebook. It is actually a phishing scam that steals the victim's credentials when entered. The only way to tell it is a phishing scam is to drag the prompt to the edge of the screen to make it disappear. If the prompt disappears, it is a fake.
Relevant URL(s): https://thehackernews.com/2019/02/advance-phishing-login-page.html