Recently, Symantec observed a phishing Web site spoofing the Facebook brand that claimed to be an alert from the Facebook security system. The phishing page was in Indonesian, as it targeted Facebook users in Indonesia.
The phishing site was titled “cancellation of blocking accounts” and the page stated that the user’s account had been reported by other users for violation of security rules. The phishing page warned that the user must confirm his or her identity within 24 hours by providing login credentials, and that if the user didn’t do so, the security system would permanently close the account. The sensitive information requested by the phishing site was the user’s email address, password, and date of birth.
The message was allegedly from Facebook’s security system but, ironically, the phishing site was created with the motive to steal user credentials. When a user entered the credentials, the phishing page returned an error stating that the information entered was invalid. If the credentials were entered a second time, the phishing page redirected to the legitimate Facebook Web site. The phishing site was hosted on a free Web hosting site.
Internet users are advised to follow best practices to avoid phishing attacks. Here are some basic tips for avoiding online scams:
• Do not click on suspicious links in email messages.
• Check the URL of a Web site and make sure that it belongs to the brand.
• Type the domain name of your brand’s Web site directly into your browser’s address bar rather than following any link.
• Frequently update your security software, such as Norton Internet Security 2011, which protects you from online phishing.
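
The URL check from the tips above can be automated, for example in a mail filter or a help-desk triage script. The following is an added example, not part of the original Symantec post: it accepts a link only when the host is the brand's domain or a subdomain of it. The brand domain facebook.com comes from the post; the function name and the sample URLs under freehost.example are constructed placeholders.

```python
from urllib.parse import urlsplit

# Assumption: the brand's registered domain(s). Extend as needed.
BRAND_DOMAINS = {"facebook.com"}


def belongs_to_brand(url, brand_domains=BRAND_DOMAINS):
    """Return (ok, reason); ok is True only if the host is a brand domain
    or a subdomain of one. Hypothetical helper written for this example."""
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname
    except ValueError:
        return False, "unparseable URL"
    if not host:
        return False, "no host"
    # "https://facebook.com@other.example/" shows the brand before the "@",
    # but the browser connects to the host after it.
    if parts.username is not None or parts.password is not None:
        return False, "userinfo before host"
    host = host.rstrip(".")
    try:
        host = host.encode("idna").decode("ascii")
    except UnicodeError:
        return False, "invalid host name"
    # Look-alike letters from other scripts encode to "xn--" labels.
    if any(label.startswith("xn--") for label in host.split(".")):
        return False, "internationalized (punycode) label"
    for domain in brand_domains:
        # Match on a label boundary so "notfacebook.com" does not pass.
        if host == domain or host.endswith("." + domain):
            return True, "host is within " + domain
    return False, "host is outside the brand's domain"


# Constructed sample URLs; freehost.example is a placeholder free-hosting name.
SAMPLES = [
    "https://www.facebook.com/login.php",
    "http://facebook.com.freehost.example/security",
    "http://facebook.com@freehost.example/confirm",
    "https://notfacebook.com/",
    "https://f\u0430cebook.com/",  # Cyrillic "a" in place of Latin "a"
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample.encode("unicode_escape").decode(), belongs_to_brand(sample))
```

Only the first sample passes; the others fail because the brand name appears as a subdomain of another site, before an "@", as a suffix of a different name, or with a look-alike character.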