During my 3 month internship at Group-IB as a Digital Risk Protection Analyst intern, I uncovered a massive phishing campaign on Facebook where over 3,200 fake or compromised profiles were used to lead users to a Facebook clone (hosted on over 220 sites) that compromised accounts by tricking users into pasting cookies and session identifiers into the site.

‍

‍