- Joined
- Jul 28, 2007
- Messages
- 3,327
- Reaction score
- 3,055
Cyber criminals are targeting Facebook users with a malicious, fake security check page, according to Trend Micro.
Trend reported detecting the phishing scam in a blog post on Sunday.
The scam reportedly hooks Facebook users by pretending to be a legitimate security check, which when clicked redirects the user to a malicious site owned by the criminals.
"The goal is to redirect users who visit Facebook to a spoofed page, which claims to be a part of the social networking website's security check feature," wrote Trend Micro threat response engineer, Anthony Joe Melgarejo.
"It does this by redirecting all traffic to facebook.com and www.facebook.com to the system itself."
The malware used in the scam is reportedly designed to steal victim's personal data. Trend Micro said the malware is particularly dangerous as it has several backup features that make it more difficult to remove.
"Upon further analysis, we also discovered that that the malware performs DNS queries to several domain names. What this means that the people behind this are prepared for server malfunction and have a backup to continue stealing information," wrote Melgarejo.
"In addition, unlike other social media attacks which use fraudulent links, it is an executable which runs every system startup. This poses a big threat to multiple users using an affected system."
The Facebook scam is one of many that uses an established brand as a means to entice users to click on infected links or malicious attachments.
Most recently Security firm AVG linked a series of malicious email messages masquerading as news alerts from the BBC and CNN to the infamous Blackhole exploit kit.
Source: IT news, reviews and analysis for UK IT professionals - V3.co.uk
Trend reported detecting the phishing scam in a blog post on Sunday.
The scam reportedly hooks Facebook users by pretending to be a legitimate security check, which when clicked redirects the user to a malicious site owned by the criminals.
"The goal is to redirect users who visit Facebook to a spoofed page, which claims to be a part of the social networking website's security check feature," wrote Trend Micro threat response engineer, Anthony Joe Melgarejo.
"It does this by redirecting all traffic to facebook.com and www.facebook.com to the system itself."
The malware used in the scam is reportedly designed to steal victim's personal data. Trend Micro said the malware is particularly dangerous as it has several backup features that make it more difficult to remove.
"Upon further analysis, we also discovered that that the malware performs DNS queries to several domain names. What this means that the people behind this are prepared for server malfunction and have a backup to continue stealing information," wrote Melgarejo.
"In addition, unlike other social media attacks which use fraudulent links, it is an executable which runs every system startup. This poses a big threat to multiple users using an affected system."
The Facebook scam is one of many that uses an established brand as a means to entice users to click on infected links or malicious attachments.
Most recently Security firm AVG linked a series of malicious email messages masquerading as news alerts from the BBC and CNN to the infamous Blackhole exploit kit.
Source: IT news, reviews and analysis for UK IT professionals - V3.co.uk
