This realistic phishing scam is after your Facebook credentials

2 minute read
phishing scam

Home » News » This realistic phishing scam is after your Facebook credentials

A new phishing attack surfaced online that aims at stealing Facebook credentials. The attack was identified by Myki that is actually a password management company.

The company stated that the attackers actually use an HTML block to realistically reproduces a social login prompt. The technique used by the attackers is to prompt the users to visit a malicious website that has already been embedded with the block.

The campaign looks so convincing and realistic hence the company performed a detailed analysis of the scam aiming to create awareness among its users. The investigation was done after most of their users failed to auto-fill passwords on some particular websites. That is the reason that the company suspected those websites to be suspicious.

The attackers are launching the attack by designing an HTML based social login popup prompt. The login prompts look like a legitimate option due to the similar navigation bar, status bar, content and shadows.

The false login prompt convinces users to login to the websites using their Facebook credentials. The login information is then sent directly to the attackers once users enter their usernames and passwords.


In case you want to be secure while surfing the internet, you will need to get a full-dedicated tool to secure your network.  Install now Cyberghost VPN and secure yourself. It protects your PC from attacks while browsing, masks your IP address and blocks all unwanted access.


Spotting The Abnormal Behavior

According to the company, the abnormal behavior can be observed by dragging away the Windows from their original position. If you are not able to drag the prompt, there might be the case that you might not be able to see the part of the prompt and it hides beyond Window’s edge. It is an indication that the prompt or popup is definitely a fake one.

Recently, there has been an increase in the phishing attacks worldwide and the attackers are constantly using updated mechanisms for that purpose.

Most of the users eventually fall into their trap and they have to bear the consequences. You can not afford to loose your sensitive data, therefore it is strongly recommended that you should avoid visiting suspicious sites.

RELATED POSTS YOU NEED TO CHECK OUT:

Discussions

Next up

Are you sure you want to move this folder to the Recycle Bin [FIXED]

Alexandra Miu avatar. By: Alexandra Miu
2 minute read

You have most likely encountered Are you sure you want to move this folder to the Recycle Bin message on your PC at least once. […]

Continue Reading

Why am I getting ads on Twitch with AdBlock? [EXPERT FIX]

Alexandra Miu avatar. By: Alexandra Miu
2 minute read

Many Windows 10 users reported getting ads on Twitch with Adblock. This is an unusual problem, but in today’s article, we’ll show you how to […]

Continue Reading

Aventail VPN is not connecting [SOLVED BY EXPERTS]

Vladimir Popescu avatar. By: Vladimir Popescu
2 minute read

Many Aventail VPN users have encountered the error message Aventail VPN is not connecting. This problem seems to occur no matter how the VPN service […]

Continue Reading