
Facebook Security Phishing Attack In The Wild

David Jacoby
Kaspersky Lab Expert
Posted January 13, 11:38  GMT
Tags: Facebook

At the time of writing there is a new Facebook phishing attack going on. It will not just try to steal your Facebook credentials; it will also try to steal credit card information and other important information such as security questions.

This Facebook phishing attack is pretty interesting because it does not just try to trick the victim into visiting a phishing website. It will reuse the stolen information to log in to the compromised account and change both the profile picture and the name. The profile picture will be changed to the Facebook logo and the name will be changed to “Facebook Security”, but with special ASCII characters replacing letters such as “a”, “k”, “S” and “t”.

Once an account is compromised it will also send out a message to all contacts of the compromised account. The message looks like this:

"Last Warning: Your Facebook account will be turned off Because someone has reported you. Please do re-confirm your account security by: => http://apps-xxxx-xxxxx-user.de.vu
Thank you. The Facebook Team"

When clicking on the link you will be redirected to a website which looks very similar to Facebook and asks you for personal information such as: Name, Email, Password, Webmail system, Password to email etc. When this form is submitted the details are sent to the attacker, who can then automatically log in to your Facebook account and compromise it.

After the victim has submitted the information another webpage will appear. This page states that you need to confirm your identity with a payment and asks for your Card Number.

The last page of the phishing scam will try to confirm your credit card information, including the CSC/CVV code.

These scams are just getting more popular and we really recommend not giving out personal information, especially not email, password and credit card information, over social media. It is also recommended that you contact your security vendor and the social media vendor if you encounter these sites.
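
One way a defender could flag the renamed profiles described above, as an added example that is not part of the original post: fold look-alike characters back to plain letters and compare the result with the impersonated name. The fold table, the function names and the sample display names are constructed for illustration, and the table is not exhaustive.

```python
import unicodedata

# Constructed, non-exhaustive fold table: look-alike character -> plain letter.
# Keys are written as escapes so the code points are unambiguous.
LOOKALIKES = {
    "\u0430": "a", "\u03b1": "a", "@": "a",       # Cyrillic a, Greek alpha
    "\u043a": "k", "\u03ba": "k",                 # Cyrillic ka, Greek kappa
    "\u0455": "s", "$": "s",                      # Cyrillic dze
    "\u0442": "t", "\u03c4": "t", "+": "t",       # Cyrillic te, Greek tau
    "\u0435": "e", "\u043e": "o", "\u03bf": "o",  # Cyrillic ie/o, Greek omicron
    "\u0441": "c", "\u0456": "i", "\u0443": "y",  # Cyrillic es, i, u
}

# Name the post says compromised profiles are renamed to, spaces removed.
PROTECTED = ("facebooksecurity",)


def skeleton(name: str) -> str:
    """Reduce a display name to plain lowercase letters and digits."""
    decomposed = unicodedata.normalize("NFKD", name)
    no_marks = "".join(c for c in decomposed if not unicodedata.combining(c))
    folded = "".join(LOOKALIKES.get(c, c) for c in no_marks.casefold())
    return "".join(c for c in folded if c.isalnum())


def classify(display_name: str) -> str:
    """Return 'ok', 'plain' (exact brand name) or 'obfuscated' (look-alikes used)."""
    skel = skeleton(display_name)
    if not any(p in skel for p in PROTECTED):
        return "ok"
    plain = "".join(c for c in display_name.casefold() if c.isalnum())
    return "plain" if plain == skel else "obfuscated"


if __name__ == "__main__":
    # Constructed sample display names, not taken from the campaign.
    for sample in ["F\u0430ceboo\u03ba \u0405ecuri\u0442y", "F@cebook $ecurity",
                   "Facebook Security", "Alice Example"]:
        print(ascii(sample), "->", classify(sample))
```

A name classified as "obfuscated" reads as the brand name to a person but does not match it byte for byte, which is why a plain string comparison misses it.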


8 comments


Vignesh Raja

2012 Jan 13, 20:57

No Secure? then no info given!

That's why I always enter my personal details in secure sites only.. every user has to do the same...


Martijn Grooten

2012 Jan 14, 18:31

The scams seems to have been going on for some weeks but still, wow. Clever. And a little scary.


Martijn Grooten

2012 Jan 14, 18:31

typo

s/scams/scam


David Jacoby

2012 Jan 16, 16:37

Re: typo

really?


Martijn Grooten

2012 Jan 16, 19:00

Yes http://answers.yahoo.com/question/index?qid=20111219062529AA4wyUz


kipzter

2012 Feb 09, 04:28

And what's even worse than that is if you look into the thread there is a malicious worm that actually eats into your system and sends messages through your Facebook account to other users indicating that your IP address has been posted in a public library. This is just such an infringement of the whole ethos of Facebook!


lindie

2012 May 23, 19:54

facebook security phishing attack!!!

Exactly what is shown above happened to me ....I caught the scam too late...now I am disabled from my Facebook acct.....I am curious why my internet security didn't pick up my being hacked?????? Yes you guys from Kaspersky....I thought this is what we pay 411111


Emmanuel Perez

2012 Jun 06, 17:25

No Solution?

Ok we have the threat here, so where's the solution?
