All the latest UK technology news, reviews and analysis


Facebook users warned over fake security page phishing scam

02 Apr 2013
facebook-homepage

Cyber criminals are targeting Facebook users with a malicious, fake security check page, according to Trend Micro.

Trend reported detecting the phishing scam in a blog post on Sunday.

The scam reportedly hooks Facebook users by pretending to be a legitimate security check, which when clicked redirects the user to a malicious site owned by the criminals.

"The goal is to redirect users who visit Facebook to a spoofed page, which claims to be a part of the social networking website's security check feature," wrote Trend Micro threat response engineer, Anthony Joe Melgarejo.

"It does this by redirecting all traffic to facebook.com and www.facebook.com to the system itself."

The malware used in the scam is reportedly designed to steal victim's personal data. Trend Micro said the malware is particularly dangerous as it has several backup features that make it more difficult to remove.

"Upon further analysis, we also discovered that that the malware performs DNS queries to several domain names. What this means that the people behind this are prepared for server malfunction and have a backup to continue stealing information," wrote Melgarejo.

"In addition, unlike other social media attacks which use fraudulent links, it is an executable which runs every system startup. This poses a big threat to multiple users using an affected system."

The Facebook scam is one of many that uses an established brand as a means to entice users to click on infected links or malicious attachments.

Most recently Security firm AVG linked a series of malicious email messages masquerading as news alerts from the BBC and CNN to the infamous Blackhole exploit kit.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson
About

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus
Poll

BYOD vs CYOD vs BYOC poll

Which approach is your firm taking to managing employees' mobile devices?
21%
13%
4%
21%
31%
10%

Popular Threads

Powered by Disqus
Sony Xperia Z2 Tablet powered by Android KitKat 4.4

Sony Xperia Z2 Tablet video

We take a look at the lightweight, waterproof tablet

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv33

Data protection: the key challenges

Deduplication is a foundational technology for efficient backup and recovery

rdc2

iPad makes its mark in the enterprise

The iPad can become a supercharged unified communications endpoint, allowing users to enhance their productivity

Litigation eDiscovery Analyst (DocuMatrix, Relativity, Introspect)

Litigation eDiscovery Analyst (DocuMatrix, Relativity...

C# .NET Developer (SQL, Algorithms, Data Algorithms, Artificial

C# .NET Developer (SQL, Algorithms, Data Algorithms...

Software Development Engineer

Develop: Customise: Configure. Maximise your technical...

Retail and Finance Application Developer and Support Analyst

MS Dynamics Nav: Retail and Finance Application Developer...
To send to more than one email address, simply separate each address with a comma.