{"id":273212,"date":"2026-06-15T02:30:00","date_gmt":"2026-06-15T06:30:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/06\/15\/sniper-dz-scams-target-mena-users-via-fake-facebook-offers-and-browser-alerts\/"},"modified":"2026-06-15T04:00:29","modified_gmt":"2026-06-15T08:00:29","slug":"sniper-dz-scams-target-mena-users-via-fake-facebook-offers-and-browser-alerts","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/06\/15\/sniper-dz-scams-target-mena-users-via-fake-facebook-offers-and-browser-alerts\/","title":{"rendered":"Sniper Dz Scams Target MENA Users via Fake Facebook Offers and Browser Alerts"},"content":{"rendered":"<p><a href=\"https:\/\/thehackernews.com\/2026\/06\/sniper-dz-scams-target-mena-users-via.html\">Sniper Dz Scams Target MENA Users via Fake Facebook Offers and Browser Alerts<\/a><\/p>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/06\/sniper-dz-scams-target-mena-users-via.html\">https:\/\/thehackernews.com\/2026\/06\/sniper-dz-scams-target-mena-users-via.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-06-15 02:30:00<\/a><\/p>\n<p>Source Domain: <a href=\"thehackernews.com\">thehackernews.com<\/a><\/p>\n<p><span class=\"p-author\">\ue804<span class=\"author\">Ravie Lakshmanan<\/span>\ue802<span class=\"author\">Jun 15, 2026<\/span><\/span><span class=\"p-tags\">Social Engineering \/ Browser Security<\/span><\/p>\n<p>Cybersecurity researchers have disclosed details of fraudulent activity targeting users across the Middle East and North Africa by employing various fraudulent Facebook accounts impersonating politicians, public figures, and trusted organizations.<\/p>\n<p>&#8220;These accounts promoted fake offers, including free mobile internet packages, financial compensation, and government subsidy programs,&#8221; Group-IB analysts Anna Yurtaeva and Viacheslav Shevchenko said.<\/p>\n<p>&#8220;Victims were encouraged to click embedded links to claim the advertised benefits, but were instead redirected through a chain of intermediary websites that ultimately led to phishing and traffic monetization infrastructure.&#8221;<\/p>\n<p>The Singapore-headquartered cybersecurity company has these campaigns to Sniper Dz, a turnkey phishing-as-a-service (PhaaS) platform that was taken down last month in an INTERPOL-led operation. The findings indicate that the platform goes beyond facilitating credential theft, generating illicit revenue via browser notification abuse, premium SMS subscriptions, premium-rate calls, and investment scams.<\/p>\n<p>A &#8220;typical Sniper Dz scam victim funnel&#8221; begins with localized social engineering lures, with the scammers impersonating well-known telecom providers such as Alg\u00e9rie T\u00e9l\u00e9com to promote fake offers, to direct users to domains hosted on Link in bio services that act as an intermediary layer between the social media post and the final destination.<\/p>\n<p>&#8220;Rather than directing victims straight to a malicious website, the campaign first routes users through trusted link-aggregation platforms such as Linkbio and Linktree,&#8221; Group-IB researchers said. &#8220;The attackers create decoy landing pages on domains operated by these services.&#8221;<\/p>\n<p>The attack ends with directing victims to a page that obtains browser notification permissions by prompting users to click &#8220;Allow&#8221; to continue. Behind the scenes, code embedded in the web page subscribes the&#8230;<\/p>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/06\/sniper-dz-scams-target-mena-users-via.html\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Sniper Dz Scams Target MENA Users via Fake Facebook Offers and Browser Alerts https:\/\/thehackernews.com\/2026\/06\/sniper-dz-scams-target-mena-users-via.html Publish&#8230;<\/p>\n","protected":false},"author":1,"featured_media":273213,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEj-L0YMpJQcSqCJeQR6NevaPeBZW1uc13Y3nV37mR6tEuSsuMxWV6RrohLtgsVqG_Ja_kBoZTAMcKXlaG-OfyjrLDAUwhO_pQifFv64iRc-HE0nAAMJ88BF_xEQwOj39EdAE5ZTNU7q7y3SjBjKsvBZckb_jcg1FzMM9YRe9OV9UFsNyjH2km2jAXvBIdTa\/s1600\/phishing-sniperdz.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[25,57],"class_list":["post-273212","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-phishing","tag-security"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/273212"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=273212"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/273212\/revisions"}],"predecessor-version":[{"id":273214,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/273212\/revisions\/273214"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/273213"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=273212"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=273212"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=273212"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}