Facebookers Targeted with Fresh Phishing Technique

Trend Micro warns that cyber-criminals, by executing one fresh phishing e-mail campaign, are attacking members of Facebook.

According to it (Trend Micro), the scam traps visitors of the social-networking website by posing as conducting one security check.

But malicious software is utilized to run the scam and Trend Micro identifies it as TSPY_MINOCDO.A that's created for capturing victims' private information. This malicious program contains many backup utilities which's why it cannot be easily eliminated and that makes the program especially perilous.

Moreover, for loading the malware onto any target computer, drive-by download operations or Trojan installers are utilized on hijacked websites.

When loaded, the Trojan makes sure it continues to stay by working like any system service so it'll automatically run whenever the system boots. Thereafter, it makes changes to HOSTS files of the infected computer so visitors to facebook.com get diverted onto one bogus 'Security Check' webpage of Facebook.

Here they're prompted to enter information such as their address, name, payment card number, and more, which if they do, cyber-thieves responsible for the scam, would quickly collect all of it. Furthermore, the Trojan even garners and transmits other details regarding the infected computer to its controllers.

Trend Micro researchers, who further studied the malware, said they found the Trojan contacted many URLs, to which it made DNS requests, thus implying that the perpetrators performed server failures while maintaining backup so as for persistently seizing data, the researchers explained. Help Net Security published this dated April 2, 2013.

Additionally, as different from attacks on other social-networking sites that employ fake web-links, TSPY_MINOCDO.A, which automatically executes on startup, is a malicious executable thus posing much greater risk.

However, for avoiding the above Trojan or similar threats, users must know that social sites wouldn't ever request for visitors' bank or credit card account particulars to confirm anything, the security company said.

Conclusively, Facebook isn't the only brand hit with a scam which lured end-users to malevolent attachments or contaminated web-links. Lately, AVG another security company discovered several malevolent e-mails pretending to be CNN/BBC news alerts while linking to the notorious BlackHole attack toolkit.

Related article: Facebook - a Concern for Companies

» SPAMfighter News - 4/9/2013