This realistic phishing scam is after your Facebook credentials

Zille Huma avatar. By: Zille Huma
2 minute read
phishing scam

Home » News » This realistic phishing scam is after your Facebook credentials

A new phishing attack surfaced online that aims at stealing Facebook credentials. The attack was identified by Myki that is actually a password management company.

The company stated that the attackers actually use an HTML block to realistically reproduces a social login prompt. The technique used by the attackers is to prompt the users to visit a malicious website that has already been embedded with the block.

The campaign looks so convincing and realistic hence the company performed a detailed analysis of the scam aiming to create awareness among its users. The investigation was done after most of their users failed to auto-fill passwords on some particular websites. That is the reason that the company suspected those websites to be suspicious.

The attackers are launching the attack by designing an HTML based social login popup prompt. The login prompts look like a legitimate option due to the similar navigation bar, status bar, content and shadows.

The false login prompt convinces users to login to the websites using their Facebook credentials. The login information is then sent directly to the attackers once users enter their usernames and passwords.


In case you want to be secure while surfing the internet, you will need to get a full-dedicated tool to secure your network.  Install now Cyberghost VPN and secure yourself. It protects your PC from attacks while browsing, masks your IP address and blocks all unwanted access.


Spotting The Abnormal Behavior

According to the company, the abnormal behavior can be observed by dragging away the Windows from their original position. If you are not able to drag the prompt, there might be the case that you might not be able to see the part of the prompt and it hides beyond Window’s edge. It is an indication that the prompt or popup is definitely a fake one.

Recently, there has been an increase in the phishing attacks worldwide and the attackers are constantly using updated mechanisms for that purpose.

Most of the users eventually fall into their trap and they have to bear the consequences. You can not afford to loose your sensitive data, therefore it is strongly recommended that you should avoid visiting suspicious sites.

RELATED POSTS YOU NEED TO CHECK OUT:

Discussions

Next up

Vampire: The Masquerade Bloodlines 2 won’t get 3rd person play

Alexandru Voiculescu avatar. By: Alexandru Voiculescu
2 minute read

Developers Hardsuit Labs and Paradox Interactive announced on the official Vampire: The Masquerade – Bloodlines 2 Twitter account that the game will be first person […]

Continue Reading

Microsoft Paint gets full keyboard input support this month

Zille Huma avatar. By: Zille Huma
2 minute read

Last year, Microsoft informed MS Paint users that their favorite app from childhood would no longer be available on Windows 10. Microsoft was really determined […]

Continue Reading

Windows 10 Task Manager now displays HDDs and SSDs separately

Zille Huma avatar. By: Zille Huma
2 minute read

Microsoft rolled out new Task Manager improvements to Windows Insiders. If you’re already running the Windows 10 20H1 builds, you can already try out the […]

Continue Reading