🟡 Medium  | Source: The Hacker News
The Sniper Dz phishing-as-a-service operation is targeting users across the Middle East and North Africa (MENA) region using fake Facebook accounts impersonating politicians, public figures, and government organisations to promote fraudulent offers such as free mobile data and financial subsidies. Victims are lured via social engineering on social media and browser-based alerts, ultimately leading to credential theft or malware delivery. The campaign is notable for its scale, regional targeting, and abuse of trusted brand identities to lower victims’ defences.
Security Architect’s Take: If your organisation operates in the MENA region or has users there, ensure your security awareness programme covers social media impersonation and fake government offer scams. Additionally, review whether your brand or organisation’s identity is being spoofed by monitoring for lookalike social media accounts and consider enrolling in Meta’s Brand Rights Protection tools to enable rapid takedown of fraudulent pages.
Original advisory: Sniper Dz Scams Target MENA Users via Fake Facebook Offers and Browser Alerts