Tuesday, July 05, 2011

"Smishing" attacks now mimic Facebook "notifications" from administrators, not just "Friends"

Here’s a new one. Phishers send you a “Facebook notification”. If you hover the cursor over the link, it points to something else (offshore). If you copy the web address, it’s not on Facebook. This one is pretty “good”, copying the Facebook trademark and automated email scheme exactly.

This seems to be a variation of “smishing”, where fake emails are sent to “Friends” lists of hacked accounts. Instead of coming from a “Friend”, it appears to come from a Facebook administrator – until you notice that the actual URL is offshore. Maybe China really does “want” Facebook after all.

