Facebook and Twitter hit by phishing attacks
Friday, May 22, 2009
Facebook and Twitter, two of the most popular social networking sites on the web, were both hit Thursday by separate phishing attacks designed to steal users' login information.
The Twitter attacks used the site's email notification system to encourage users to click on a link to a fake site that spoofed Twitter and asked the user to enter their login and password. Cybercriminals set up fake Twitter accounts and began "following" legitimate Twitter users. When Twitter sent email notifications to users telling them that they had a new follower on the site, users who went to the scammer's profile would see a link to the spoof site, according to IDG News.
Once the attackers had stolen login credentials, they used hijacked accounts to post Twitter messages that appeared to come from the hacked users.
Another round of phishing attacks on Facebook was also spotted yesterday. Security researchers observed spam messages with the subject line "Hello" whose body told users to go to a link with a ".at" domain.
Security experts say phishing attacks on social networking sites are up to 10 times more effective than those sent via email.
