Facebook phishing attack preys on users desiring to know profile viewers

Share this article:

Want to know who is visiting your Facebook page? You can't – and even though that point is reinforced on the social media giant's help page, it has not stopped some clever phishers from trying to trick people into thinking there is a new way of doing it.

Security software company Symantec has discovered a type of ruse that preys on Facebook users who want to do a little reverse-stalking, according to a recent blog post. The phishing attack is clever in that it goes for social media login credentials in two different ways.

The first option asks users to enter their login credentials into the faux website, which is designed to look similar to the official Facebook website. According to the post, if information is entered, the data will be sent to the attackers and users will be redirected to a legitimate Facebook page.

The tricksters encourage the second option: downloading a piece of software that is actually a trojan known as Infostealer. The incentive offered by the phishers for choosing this option is that users will also be alerted when people view their profiles.

The malware was analyzed by Symantec, according to the post, and it was noted that the two downloaded Infostealer files are added to the registry run key and executed after every reboot. A keylogger is also established to record everything that is typed.

The malware will also test for an internet connection by pinging to www.google.com. If there is, the malware will send purloined information to an email address belonging to the attacker. The email address has been invalid for three months, the post said, so while the malware is not currently sending updates to the phishers, that could change at any time.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.