Symantec – New Phishing Attacks Against Facebook Users
Cyber criminals have again launched attacks against Facebook to attract its users to fake websites by sending phishing e-mails with an intention of capturing their personal login data, said security vendor Symantec Corporation.
The new attacks include sending of a message to victim's Facebook inbox by phishers and an e-mail notification with the title 'Hello' or 'Hi'. This e-mail pretends to come from user's friend and contains text that prompts him to visit a fake Facebook page where the phishers steal his login credentials.
Seeing an e-mail in their Outlook or webmail inbox, thousands of Facebook users quickly login to Facebook account to view the message came from a friend. The text of the message says "look sexy" in a video or something like this. Impatient users quickly start to search for the video and ultimately fall victim to the new scam.
Symantec has been observing the new attack campaign against Facebook users since the starting of May 2009 and has concluded that these attacks will likely to continue with the same method.
The security firm suspects that primarily a forged spam mail might be used as an attack vector against Facebook users by phishers. However, once the phishers succeeded in compromising any account, they quickly shifted their attacks to Facebook.
Moreover, the security firm has suggested that Facebook users should maintain a cautious attitude with regard to messages coming from the same website or any other website. This way they can avoid sending fake malicious messages to their Facebook friends.
After clicking on a link, users should double-check domain name given at the top of the page. Typing the domain name directly in the address bar is considered safer than following a link arrived with a message, said Symantec.
In May 2009, Symantec released a report in which it said that phishing and spam were interrelated with each other on the Internet because spammers employed phishing attacks to capture users' accounts on trusted websites like Facebook and Twitter.
» SPAMfighter News - 19-06-2009