Rules & Announcements

   

ALERT: New Facebook Phishing Attack (Beware)

Post Reply New Post

Page 1 of 8

Page 1
Page   of 8
Page 2 Page 8

vijay

Admin Group

vijay

Site Admin

Joined: 09 December 2003

Posts: 6396

Posted: 24 May 2009 at 8:52am | IP Logged
Hi,

Lately I have been receiving several messages from my friends on Facebook asking me to visit some wierd domains like : picoband.be, silvertag.be, fcoder.at

And the message used to be like:


[Friend First Name] sent you a message.

Subject: Hello

"Check fcoder.at"

To reply to this message, follow the link below:
http://www.facebook.com/n/?inbox/readmessage.php&t=[some numbers]&mid=[some alphanumeric characters]


And I am sure many of us must have even clicked on it... but WAIT!!!! Its a phishing attack and not actually sent by your friend. To know more here is the news for you to know more about this:

Would request you all to forward this message to all your friends and make sure they do not click on these links and fall prey to it as this might lead to completely locking out your Facebook account forever.

Cheers,
Vijay


Facebook Falls Victim To Another Phishing Attack

Phishers use cryptic message to lure users into giving up their account information

May 22, 2009 | 03:58 PM

By Tim Wilson
DarkReading

Social networking site Facebook, which has been the target of several phishing and malware attacks during the past few months, is under the gun again.

Researchers at email and Web security service provider AppRiver on Thursday spotted a phishing exploit on Facebook that is spreading across the community. The phish enables hackers to steal logon and password data, as well as change end users' account information, effectively locking them out of their own accounts.

Security researchers at Cloudmark also have spotted the phishing attack.

The simple attack begins with an email message bearing the subject line "Hello," according to Fred Touchette, senior security analyst at AppRiver. The body of the message reads, "Check areps.at" The message then offers a Facebook link to reply to the message.

When users click on the link, they are brought to a fraudulent Facebook page that requests their account information and then routes them to their own Facebook page as it captures the login data, Touchette says. In some cases, the attackers use the login data to immediately change the users' passwords, effectively locking them out of their accounts.

In addition to areps.at, AppRiver has spotted the same attack coming from several other sources, including bests.at, brunga.at, kirgo.at, nutpick.at, and fcoder.at. These sources bypass some spam filters because they are not structured as full URLs, AppRiver researchers say.

The phishing attack is surprisingly simple and not particularly well-concealed, Touchette observes. For example, it doesn't require CAPTCHA authentication -- which Facebook usually does -- and the destination URL of the fraudulent login page does not contain the word "Facebook" -- which the real logon page does, he notes.

"We're not sure what the [phishers] were thinking, using such a simple attack and then locking users out of their accounts," Touchette says. "Usually, in more sophisticated [exploits] the attacker would quietly maintain access to the account for as long as possible, rather than tipping off the victim."

Both AppRiver and Cloudmark researchers say they expect to see more such attacks on Facebook because of its popularity and the site's viral nature of communications, which makes it easy for attacks to spread.

"Phishing and spam will continue to increase on social networks as users migrate large portions of their Internet activity, such as email, to these properties," says Adam O'Donnell, Cloudmark's director of emerging technologies. "Finding a cost-effective mechanism for remediating phished accounts is now a priority for Facebook and other social network sites. They need to figure out how to reset these people's passwords and contact them without priming their user population for an email-based phishing attack."

Source: http://www.darkreading.com/securityservices/security/attacks/showArticle.jhtml?articleID=217600699


A very simplistic Facebook phishing attack is spreading through the popular social network, says AppRiver senior security analyst Fred Touchette.

It arrives as a Facebook message titled "Hello," and has been asking recipients to "Check areps.at" or "Check bests.at" At least two USA TODAY reporters received these bogus messages this morning.

If you click on the hyperlink it will take you to a fake Facebook login page, where you will be prompted to type your username and password. If you're gullible enough to click to the fake page and type in your credentials, your password will be changed, and you'll be locked out of your account, says Touchette. The bad guys will then use your account to replicate the attack to everyone on your friends list, he says.

Since Facebook requires anyone who sends a message containing a hyperlink to first solve a captcha puzzle, these bad guys evidently are retaining captcha solvers to get their attack moving. This elementary phishing attack underscores two points: it remains cheap and easy for crooks to use botnets to automate phishing attacks; and there's profit in getting even a tiny percentage of recipients to fall for even the crudest of ruses.

"I'm willing to bet these people are jumping on the bandwagon and trying to take advantage of all the Facebook activity," says Touchette. "It's very curious that they lock out the user, which throws up a red flag. They certainly don't have to do that."

Word just arrived from AppRiver that the bad guys, in an effort to stay one step ahead of spam filters, have begun directing message recipients to fake login pages at these links: brunga.at, kirgo.at, nutpic.at, and fcoder.at.

Source: http://blogs.usatoday.com/technologylive/2009/05/phishing-attack-spreads-through-facebook.html



The following 2 member(s) liked the above post:

-Swetha-KiranSD1

Dear Guest, Being an unregistered member you are missing out on participating in the lively discussions happening on the topic "ALERT: New Facebook Phishing Attack (Beware)" in Rules & Announcements forum. In addition you lose out on the fun interactions with fellow members and other member exclusive features that India-Forums has to offer. Join India's most popular discussion portal on Indian Entertainment. It's FREE and registration is effortless so JOIN NOW!

aish_punk

IF-Sizzlerz

aish_punk

Joined: 11 January 2008

Posts: 20622

Posted: 24 May 2009 at 8:58am | IP Logged
hey thnx vijay for sharing..i heard abt dis too..will be careful nxt time..! Smile

Siddhi_

IF-Sizzlerz

Siddhi_

Joined: 27 January 2007

Posts: 20971

Posted: 24 May 2009 at 9:02am | IP Logged
OMG!! Thanks for letting us know.. :D

Asharkibiwi

Coolbie

Asharkibiwi

Joined: 23 January 2009

Posts: 11932

Posted: 24 May 2009 at 9:04am | IP Logged
thanku so much

-Nadii-

IF-Veteran Member

-Nadii-

Joined: 29 August 2005

Posts: 23076

Posted: 24 May 2009 at 9:07am | IP Logged
Thanks for letting us know.. I have stopped clicking on links I don't know.

-Ami-

IF-Stunnerz

-Ami-

Joined: 05 March 2007

Posts: 26229

Posted: 24 May 2009 at 9:09am | IP Logged
Oh! Thanks for letting us know. I hadn't really even known this yet.

amz1990

IF-Sizzlerz

amz1990

Joined: 08 October 2007

Posts: 11692

Posted: 24 May 2009 at 9:10am | IP Logged
i have something on my computer saying malware catcher 2009 i checked its some kind of thing that wants me to buy this software but its bogus

Cute_Ash

IF-Stunnerz

Cute_Ash

Joined: 07 October 2008

Posts: 29872

Posted: 24 May 2009 at 9:13am | IP Logged
Thanks a lot for letting us no!

Post Reply New Post

Go to top

Related Topics

  Topics Topic Starter Replies Views Last Post
Like A Post ? Share with Facebook Friends

2 3 4 5

vijay 33 13360 11 September 2008 at 11:08pm
By dreamer_dreams
Alert: Hacking attempt on India-Forums

2 3 4 5 6 7 8

vijay 61 5434 30 July 2008 at 9:07am
By flute
ALERT:Mysterious Entry Into India Forums!

2 3 4 5 6 7 ... 10 11

Diva 85 6273 13 March 2006 at 11:19pm
By shrutibali

Forum Quick Jump

Forum Category

Active Forums

Limit search to this Forum only.

 

Disclaimer: All Logos and Pictures of various Channels, Shows, Artistes, Media Houses, Companies, Brands etc. belong to their respective owners, and are used to merely visually identify the Channels, Shows, Companies, Brands, etc. to the viewer. Incase of any issue please contact the webmaster.