Feeds

Facebook phishers cast multiple lines

Scammers bait social networking site with hooky apps

Reducing security risks from open source software

Miscreants have recently begun peppering Facebook with a variety of new phishing scams with sex, sex, sex and more sex featuring prominently.

One example involves a fake customer dispute application page, since pulled, that appeared to have a valid Facebook URL.

The content was actually hosted by Ripway hosting, a service that's often used and abused by script kiddies, according to Chris Boyd of IM security firm FaceTime.

Boyd told El Reg that no Facebook application was involved in the scam, just a valid Facebook app URL and the Ripway hosted scam page.

"It seems someone set up an application developer account with Facebook, placed a fake 'customer dispute page' onto their Ripway hosting, which they were somehow able to post onto their Application page and start directing Facebook users to it," Boyd added.

A write-up of the threat (now neutralised) can be found in a blog posting here.

Another Facebook phishing threat discovered over the weekend involves messages and a rogue Facebook application. The 'sex sex sex and more sex!!!' app is sending out notifications that attempt to direct prospective marks to a credential harvesting site.

Ne'er-do-wells have taken steps to disguise the location users are directed towards, explains Rik Ferguson, a security researcher at Trend Micro.

"The hyperlinks in the notification both lead to a malicious website hosted on the fucabook.com domain," Ferguson explains. "The server at fucabook.com loads up a JavaScript before immediately using HTTP meta refreshtags to pull up the real Facebook website and prompting the victim for their login credentials."

Harvesting credentials is not entirely new and often not an end in itself. Compromised accounts can be used to send spam or distribute perhaps more pernicious scams. The fact that many people use the same credentials on multiple websites opens up the means for hackers to break into webmail accounts. From there, they can find out what online banking or ecommerce accounts a prospective mark holds, before attempting to break into those accounts. ®

Mobile application security vulnerability report

More from The Register

next story
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
NUDE SNAPS AGENCY: NSA bods love 'showing off your saucy selfies'
Swapping other people's sexts is a fringe benefit, says Snowden
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
British data cops: We need greater powers and more money
You want data butt kicking, we need bigger boots - ICO
Crooks fling banking Trojan at Japanese smut site fans
Wait - they're doing online banking with an unpatched Windows PC?
NIST told to grow a pair and kick NSA to the curb
Lrn2crypto, oversight panel tells US govt's algorithm bods
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Mobile application security vulnerability report
The alarming realities regarding the sheer number of applications vulnerable to attack, and the most common and easily addressable vulnerability errors.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.