Hackers Crafted Fake Facebook Page to Steal Login Information
PandaLabs has discovered a bogus Facebook page designed to steal login information of social networkers. Users of the social networking website are warned to exercise caution against rogue mails carrying links to the fake page.
The web page looks similar to the original Facebook page and thereby users that visit this page can easily be duped into revealing their personal details like username and password.
As per the security company, when web users try to log-in their account, they find an error page stating - "wrong mail\password combination." But the details they enter in the page will directly go into the hands of attackers.
Technical Director of PandaLabs, Luis Corrons, states that this phony URL is perhaps being spread via search engine optimization methods and mails, as per the news by SCMAGAZINE on November 18, 2009.
He also states that once the attackers get user's information, they can fulfill their different malicious intentions which include displaying spam contents with harmful links, sending messages to contacts, etc.
Moreover, the security company has displayed a series of screenshots on Flickr, an online photo management and sharing application, which exemplifies the procedure.
PandaLabs has suggested web users not to respond or follow links from unfamiliar mails and always check the URL before giving data to make sure that it is authentic. These bogus sites usually use identical addresses, with possibly just one incorrect letter.
Giving warning to social networkers, the security firm has said that those, who suspect that they may have revealed their information onto the fraud page, should change their password instantly. If users can not use their accounts, Facebook provides services through which they can retrieve their possession of account.
Apart from this, the security firm has stated that other users should check some clues like bogus sites with identical addresses or malicious URLs in mails.
Facebook has become a frequently targeted website for cyber crooks. In October 2009, some users got forged "Facebook Password Reset Confirmation" mail carrying a Trojan horse linked with it. When a user installs the attachment, it can cause severe disruption to their system.
Related article: Hackers Redirect Windows Live Search to Malicious Sites
» SPAMfighter News - 26-11-2009