Posted by TechGeek on November 11, 2011
We are observing a lot of fake pages being created on Facebook by attackers. The idea is to create a fake page and then have the user "verify" themselves by following some manual steps in order to reveal the secret video behind it. The manual steps do not reveal any secret video; instead they spread the page to your friends' walls with messages like “WOW Check this out it is cool”, “OMG have you seen this??” or “Check this out.. It is awesome!”. Here is how the message spreads:
The victim above has posted messages to all of his friends. Once you click on the link, you will be taken to a Facebook page which looks like this:
The page posts a message like “warning only 18+ verify your age by following easy steps”. The attacker does this intentionally to hide the malicious activity behind it. Once you click on the continue button, it displays another animation with some instructions to follow. Here is how they look:
Please like our page on Facebook and share this blog.
Posted by TechGeek on September 20, 2011
Phishing is the act of tricking someone into providing confidential information such as usernames, passwords and other sensitive information. Generally, phishing is carried out via e-mail messages or on websites which claim to be a legitimate site. Attackers imitate popular social sites such as Facebook or MySpace by creating similar-looking pages on fake domains they created.
They send emails to victims asking them to log on to the site and update their account information. If you don’t look closely at the domain name in the address bar, you are likely to send your sensitive personal information to the attacker. We are seeing many fake domains and pages being used to carry out phishing attacks using Facebook pages. Here is one of the live examples:
Look at the highlighted address bar in the above image. The address is different from the real Facebook: it points to “http://www.faceworldverified.com/update/index15.php”. This is a fake site created to fool victims in order to steal personal information like email and password. Once the victim enters his/her Facebook email and password, the site sends that information to a remote server which is under the attacker’s control. The site then immediately sends the victim to the Facebook application page “http://apps.facebook.com/videos/video.php?logged=true”.
For testing we used firstname.lastname@example.org as the email and testhacker as the password. Once we entered this information, an HTTP GET request sent the login information to the remote server and immediately redirected the victim to the Facebook application. Here is the GET request:
You can clearly see the email and password being sent in the above request. Remember 3 things:
1) Never click on any suspicious or unknown links sent in an email.
2) Always check the domain address in the address bar of your browser before entering any information.
3) Do a Google search if you come across any suspicious phishing site and report it to Google.
Stay away from phishing and share this with your friends and family. Become a fan on our Facebook page to get valuable information.
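The following Python is an added example, not part of the original post: it scans proxy log lines for the pattern described above, a GET request that carries an email and a password in its query string to a host that is not Facebook. The log lines, the request path and the parameter names are constructed, since the post does not show them.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Domains allowed to receive Facebook logins.
TRUSTED_DOMAINS = ("facebook.com",)
# Assumed parameter names: the post does not show the ones the phishing site used.
PASSWORD_KEYS = {"pass", "passwd", "password", "pwd"}
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")

# Constructed proxy log: timestamp, client, method, URL, status.
SAMPLE_LOG = """\
2011-09-20T10:01:02 10.0.0.5 GET http://www.facebook.com/home.php 200
2011-09-20T10:01:09 10.0.0.7 GET http://www.faceworldverified.com/update/index15.php 200
2011-09-20T10:01:15 10.0.0.7 GET http://www.faceworldverified.com/update/placeholder.php?email=firstname.lastname%40example.org&pass=testhacker 302
2011-09-20T10:01:16 10.0.0.7 GET http://apps.facebook.com/videos/video.php?logged=true 200
2011-09-20T10:02:00 10.0.0.9 GET http://facebook.com.example.net/placeholder.php?email=a%40b.example&password=x 200
"""

def is_trusted_host(host):
    """True only for a trusted domain itself or a real subdomain of it."""
    host = host.lower().rstrip(".")
    # Match on a label boundary so "facebook.com.example.net" does not pass.
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)

def leaks_credentials(url):
    """True if the query string has a password parameter and an email value."""
    params = parse_qs(urlsplit(url).query, keep_blank_values=True)
    has_password = any(key.lower() in PASSWORD_KEYS for key in params)
    has_email = any(EMAIL_RE.match(v) for values in params.values() for v in values)
    return has_password and has_email

def scan(log_text):
    """Return (client, host) for each GET sending credentials to an untrusted host."""
    findings = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[2] != "GET":
            continue  # skip malformed lines and other methods
        client, url = fields[1], fields[3]
        host = urlsplit(url).hostname or ""
        if leaks_credentials(url) and not is_trusted_host(host):
            findings.append((client, host))
    return findings

if __name__ == "__main__":
    for client, host in scan(SAMPLE_LOG):
        print(f"{client} sent login details in a GET request to {host}")
```

The client addresses in the findings identify which users need a password reset.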
Posted in Phishing | Tagged: attacker, Facebook, Fake site, Phishing, phishing sites, sensitive information