Phishing to reignite old tested ways in 2012
Never use your credit card details to reactivate Facebook. A new phishing link has been leading users to a page that looks alike the popular social networking site and gather the user’s credit card details.
The scheme will first gain access to a user’s facebook account and change the profile to look like a member of the site’s security team and then lure those on the contact list to divulge their credit card details.
According to Digital Trends the facebook lookalike page with entry forms similar to a typical facebook entry form includes fields such as name, email, facebook password, email password and security question.
Once the user enters these details and confirms the next step asks the user to enter the first six digits of the credit card number to confirm identity and then go on to gather additional information such as billing address, full credit card number, expiration date and the security code that goes with the card.
Meanwhile according to scam tracking networks, phishing in 2012 could go back to using old techniques.
GFI Software in its recently released report has a collection of the 10 most prevalent threat detections encountered during the month. According to it phishing campaigns has once again proved to be among the most significant threats, with scammers targeting Chase and Barclays customers, as well as launching malware attacks against Amazon shoppers who were expecting holiday packages.
"The threats we uncovered last month illustrate the consistent reuse of tried-and-true attack methods slightly modified to target new groups of potential victims," said Christopher Boyd, senior threat researcher at GFI Software. "Most cyber-attacks at any given time rely on old techniques deployed with a new disguise. The reason we see them again and again is quite simply because they work, and we anticipate 2012 to bring many fresh takes on old scams."
The report also added that bank related phishing is increasingly becoming a common threat. Barclays customers received messages from a free Yahoo email address claiming that their account had been suspended due to incorrect login attempts. The phishers employed scare tactics by insisting information had to be provided to reactivate the account within a certain amount of time. Once the victim's identity was submitted, they were redirected to the official Barclays website in order to further mask the crime.
Online shoppers also continue to be a popular pool of potential victims. Emails disguised as messages from Amazon fooled users into clicking a link to infected websites hosting Black Hole Exploit Kits. These kits are designed to take advantage of unpatched Windows operating systems and software. An infected PDF file is then downloaded to the victim's computer which exploits a vulnerability in Adobe Reader and loads malware onto the system.
Follow Emirates 24|7 on Google News.