English Deutsch Español Français Italiano Portuguese Čeština Ελληνικά 中文(简体) 中文 (繁體) Tiếng Việt 日本語 ภาษาไทย Русский Български Nederlands Polski Svenska Norsk Dansk Suomi

McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams

SPAMfighter is

Microsoft Gold Certified Partner

SPAMfighter also

Works with Windows Vista

SPAMfighter Exchange Module is Microsoft certified ".net connected".

Microsoft .NET Connected

Hackers Phish on Facebook Profiles

As never before hackers are now targeting Facebook, the popular networking site, which has faced its first major security breach. The attackers have been mining users' passwords and other login details using a new phishing scam.

Users who entered their login details found unusual content on their page appearing from a friend after which an apparently real Facebook link showed up. Wired News reported this on January 3, 2007. But the link led the user to a false Facebook page tracing to a .cn domain of Chinese origin. While the user logs onto Facebook on that page, it keeps a duplicate of the visitor's username and password.

On January 2, 2007, some Facebook members while checking their user accounts found unexpected messages posted on their page seeming to appear from a friend with an apparently legitimate Facebook link following. One Facebook member noticed that the URL address on his page had the domain name as '371233.cn' that made him suspicious. The tactic is a high-level phishing scam as the link poses to arrive from a legitimate person, here the user's friend.

Independently working Security Consultant Dancho Danchev said that hackers possibly harvested large number of accounts to embed malicious code that spreads infection to any visitor to the infected page. Wired News published this on January 3, 2008.

According to Danchev, if the hackers use a domain like phisher.cn, they need to canvass it so that people know about the domain, visit it and subsequently get infected. Conversely, if the attackers gain access to users' profiles where the users are sure to return, the task of infection becomes much easier.

Danchev said that he has been locating scammers who were registering to similar .cn domains to attack user accounts of MySpace. The purpose is usual - that of making money either by embedding the malicious code or selling the account details to someone else, he said.

He also said that the hacked profiles are being used to host malicious Trojan horses, for e.g., keyloggers designed to steal credit card numbers and banking passwords. They could even be used to send malware or spam out e-mails.

» SPAMfighter News - 15-01-2008

SPAMfighter box shot

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail and Thunderbird - Read more

Slow PC? Try SLOW-PCfighter

Optimize your Slow PC for better performance. Try FREE scan now.

 

Exchange spam filter

SPAMfighter Exchange Module is a spam/virus filter for Exchange server - Free 30 days trial

 

Spyware remover

Remove Spyware with SPYWAREfighter - Free 30 days trial

<<<>>>