This realistic phishing scam is after your Facebook credentials

Zille Huma avatar. By: Zille Huma
2 minute read
phishing scam

Home » News » This realistic phishing scam is after your Facebook credentials

A new phishing attack surfaced online that aims at stealing Facebook credentials. The attack was identified by Myki that is actually a password management company.

The company stated that the attackers actually use an HTML block to realistically reproduces a social login prompt. The technique used by the attackers is to prompt the users to visit a malicious website that has already been embedded with the block.

The campaign looks so convincing and realistic hence the company performed a detailed analysis of the scam aiming to create awareness among its users. The investigation was done after most of their users failed to auto-fill passwords on some particular websites. That is the reason that the company suspected those websites to be suspicious.

The attackers are launching the attack by designing an HTML based social login popup prompt. The login prompts look like a legitimate option due to the similar navigation bar, status bar, content and shadows.

The false login prompt convinces users to login to the websites using their Facebook credentials. The login information is then sent directly to the attackers once users enter their usernames and passwords.


In case you want to be secure while surfing the internet, you will need to get a full-dedicated tool to secure your network.  Install now Cyberghost VPN and secure yourself. It protects your PC from attacks while browsing, masks your IP address and blocks all unwanted access.


Spotting The Abnormal Behavior

According to the company, the abnormal behavior can be observed by dragging away the Windows from their original position. If you are not able to drag the prompt, there might be the case that you might not be able to see the part of the prompt and it hides beyond Window’s edge. It is an indication that the prompt or popup is definitely a fake one.

Recently, there has been an increase in the phishing attacks worldwide and the attackers are constantly using updated mechanisms for that purpose.

Most of the users eventually fall into their trap and they have to bear the consequences. You can not afford to loose your sensitive data, therefore it is strongly recommended that you should avoid visiting suspicious sites.

RELATED POSTS YOU NEED TO CHECK OUT:

Discussions

Next up

Here’s how to permanently fix Taskhost.exe high CPU usage

John Waibochi avatar. By: John Waibochi
5 minute read

Taskhost.exe is a process that hosts various Windows processes running from a dynamic link library instead of the conventional .exes (executable files). You see, libraries (.dlls) […]

Continue Reading

MsConfig in Windows 8, Windows 10: How to Access it

John Nedelcu By: John Nedelcu
3 minute read

Using the good ol’ msconfig in Windows 10, Windows 8 is very, very simple; read our basic advice to learn how easy it is to […]

Continue Reading

5 best DVD copy protection software to install in 2019

Costea Lestoc By: Costea Lestoc
6 minute read

DVD copy protection is a broad term that covers various methods of copy protection for DVDs. These methods include DRM, CD/DVD-checks, Dummy Files, over-sizing and […]

Continue Reading