Arabic Facebook phishing detected

This screenshot shows a phishing page impersonating Facebook, targeting Arabic‑speaking users. The page lures victims with a promise of a Free Fire game reward and asks for their Facebook login credentials (phone number/email and password).


Threat Analysis: Facebook / Free Fire Phishing – Credential Harvesting (Arabic Variant)

How it works:
The victim receives a link via social media, SMS, or messaging app promising a free reward or bonus for the game Free Fire (e.g., diamonds, skins, or in‑game currency). The link leads to this page, which mimics the Facebook login interface. The Arabic text instructs the victim to log in with their Facebook account to claim the reward. When the victim enters their phone number or email and password and clicks “تسجيل دخول” (Login), the credentials are captured and sent to the attacker.

The goal:
The attacker steals Facebook credentials to:

  • Take over the victim’s Facebook account
  • Access the linked Free Fire (Garena) account
  • Post spam or malicious links from a trusted account
  • Use the same email/password combination to compromise other accounts (credential stuffing)
  • Sell the account or its data on criminal markets

Red flags to watch for:

  • Suspicious URL: The page is hosted on fashiongarkh.com, not facebook.com. Legitimate Facebook login pages are only on official Facebook domains.
  • Free Fire reward lure: Facebook does not offer Free Fire rewards through third‑party login pages. This is a common gaming scam tactic.
  • Poor Arabic phrasing / typo: The text contains a possible typo (“حضارة” instead of “حسابك” or similar), which would not appear on an official Facebook page.
  • Unsolicited login request: Facebook never asks you to log in via an external site to claim game rewards.
  • No personalization or security indicators: The page lacks Facebook’s full branding, language selection, and two‑factor authentication prompts.

What to do if you encounter this:

  • Do not enter your Facebook email/phone or password.
  • If you have already entered your credentials, change your Facebook password immediately and enable two‑factor authentication (2FA). Also check for any unauthorized activity or connected apps.
  • Always access Facebook by typing facebook.com directly into your browser.
  • Claim Free Fire rewards only through the official Garena app or website – never through external links.

Protective measures:

  • Bookmark the official Facebook login page and use that bookmark.
  • Use a password manager – it will not autofill on fake domains.
  • Enable two‑factor authentication on your Facebook account.
  • Be suspicious of any unsolicited message that asks you to log in to claim a game reward.
  • Never log in to Facebook via a link sent in a message or posted on social media.
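
The "Suspicious URL" red flag and the password-manager advice above both come down to an exact match on the host the browser actually connects to. The following is an added example, not part of the original analysis: a minimal Python check, under the assumption that only facebook.com (the one domain this page names) counts as official. Apart from fashiongarkh.com, every sample URL is constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: only the domain named on this page is treated as official.
OFFICIAL_DOMAINS = {"facebook.com"}

def login_host(url):
    """Return the normalized host a browser would connect to, or None."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return None
    if parts.scheme not in ("http", "https"):
        return None
    # .hostname lowercases and drops any "user@" prefix and ":port" suffix,
    # so text placed before an "@" never counts as the host.
    host = (parts.hostname or "").rstrip(".")
    try:
        # Non-ASCII lookalike letters become visible "xn--" labels.
        host = host.encode("idna").decode("ascii")
    except UnicodeError:
        return None
    return host or None

def is_official_login(url):
    """True only if the host is an official domain or a subdomain of one."""
    host = login_host(url)
    if host is None:
        return False
    # Compare on a label boundary: "notfacebook.com" and
    # "facebook.com.rewards.example" must both fail.
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS)

# Sample URLs: the second host is the one reported on this page,
# the rest are constructed test cases.
SAMPLES = [
    "https://www.facebook.com/login",
    "https://fashiongarkh.com/",
    "https://facebook.com.rewards.example/login",
    "https://facebook.com@rewards.example/",
    "https://notfacebook.com/",
    "https://f\u0430cebook.com/",  # Cyrillic "a" in place of Latin "a"
]

if __name__ == "__main__":
    for u in SAMPLES:
        verdict = "official" if is_official_login(u) else "NOT official"
        print(f"{verdict:13} host={login_host(u)!r}  url={u!r}")
```

A mail or chat gateway can run the same check on links before delivery; a password manager applies equivalent matching when it refuses to autofill on a fake domain.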
