[ insider_reports_insider ]
Beware The Facebook Phish
David Utter
Staff Writer
2008-01-03
 Insider Reports RSS Feed
Compromised accounts on Facebook have enabled criminals to try and entice people into logging in to the site from a fake login page.
 | | Beware The Facebook Phish |  |
The fake login page for Facebook cited by F-Secure resides at a domain in the top-level for China; the nameservers for the phishing site are also China-based.
"Phishers are apparently using hacked Facebook accounts to post links to a fake login page on other people's 'Wall posts'," said F-Secure.
Going to the phishing site and logging in leads to someone else capturing those Facebook login credentials. TechCrunch wondered why someone would go to the trouble of doing that.
It could be a matter of gaining legitimate logins to have access to friends associated with the compromised account. From there, the criminals can put even more junk into people's news feeds on Facebook, possibly leading to even more dangerous sites.
Another possibility could be a simple attempt at fraud. If a person uses the same login at Facebook as he or she uses on a financial site, and the thieves behind the phishing site throw the stolen logins at bank and credit card logins until they get a match, that opens the account to being cleaned out by the criminals.
Multiple passwords may pose a challenge to remember for most people, but the danger of using a single login at sensitive and non-sensitive websites makes it necessary these days.
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More insider_reports_insider Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
