Strategy, Threat intelligence

Phishers use fake voting campaign to steal Facebook credentials

April 8, 2014

Experts have uncovered a phishing ruse that leverages a fake voting campaign to trick users into giving up their Facebook login credentials.

The trap is hosted on a free web hosting site and targets the popular Facebook users by encouraging them to participate in a poll that asks “WHO IS GREAT BOYS OR GIRLS?” according to researchers at Symantec. Based on the question asked, it appears as though miscreants are going after younger unsuspecting users.

To give the page a credible look, a bar graph tallying up votes from the past four years is visible to users. If they choose to select the “Vote” button to participate, a pop-up prompts them to enter their Facebook username and password. Then they're redirected to a page that acknowledges their participation.

The stolen Facebook credentials can be used for identity theft purposes.

prestitial ad