New Facebook phishing attack uses 'fake' Yahoo Philippines email

A "bogus-looking" Yahoo Philippines email may be used in a new wave of phishing attacks targeting Facebook users, according to a report on Forbes.com.

Forbes said Facebook has discovered a "single isolated campaign" using compromised email accounts to gain information taken from Friend Lists.

"(We have) discovered a single isolated campaign that was using compromised email accounts to gain information scraped from Friend Lists due to a temporary misconfiguration on our site," Forbes quoted Facebook as saying in a statement released to it.

It said the new attack poses as users' friends and family to trick them into clicking on potentially dangerous links.

Forbes said Facebook has since enhanced its scraping protectins to thwart similar tricks.

"To be clear, there was neither a mass compromise of Facebook accounts nor any leak of private information," it quoted Facebook as saying.

The Forbes report said the new spear-phishing campaign makes the email appear to come from a close friend or family member, and address the victim by name in the subject line or body of the message.

It also includes a link to a website controlled by the spammers.

"They exploit the fact that you’re more likely to click on strange links if they’re sent by a trusted friend," Forbes said.

Forbes.com staff David Ewalt, who wrote the report, said he received two such spear-phishing messages last week at his personal email address he registered with his Facebook account.

"In both cases, the sender appeared to be someone I interact with on Facebook, and the subject line was personalized ('for David'). But when I checked the email’s header fields, I saw that while my friend’s name was in the 'From:' field, the originating address wasn’t their usual account; instead, it was a bogus-looking Yahoo! Philippines email," he said.

Forbes also quoted Johannes Ullrich, chief research officer for the SANS Institute, as saying the number of spam attacks using data collected from social networks has ramped up in recent weeks.

“Automating these attacks is easier then before ... Having millions of users connected to the same [programming interface] creates a rather easy opportunity to harvest this information. The process is also aided by Facebook’s confusing privacy settings. They have improved, but still many users don’t realize what they share and who they share with,” Ullrich said.

Facebook recommended that users take the following steps:

Review security settings and consider enabling login notifications. Don’t click on strange links, even if they’re from friends, and notify the person if you see something suspicious. Don’t accept on friend requests from unknown parties. Report scams so they can be taken down. Don’t download apps you are not certain about. When accessing Facebook from places like hotels and airports, text 'otp' to 32665 to receive a one-time password to your account.

— TJD, GMA News

Editor’s note:Yahoo Philippines encourages responsible comments that add dimension to the discussion. No bashing or hate speech, please. You can express your opinion without slamming others or making derogatory remarks.

  • Fight vs online libel goes to the UNHCR The Inbox
    Fight vs online libel goes to the UNHCR

    Commentary By Ellen T. Tordesillas Last Tuesday, while in Baguio City for their summer session, the Supreme Court denied all the Motions for Reconsideration on Online Libel which it upheld in its Feb. 18, 2014 decision. It will be recalled … Continue reading → …

  • Book chronicles efforts for PWD-friendly polls VERA Files - The Inbox
    Book chronicles efforts for PWD-friendly polls

    By Melissa Luz Lopez, VERA Files A lot have been done but much still need to be done for a hassle-free participation of Persons with Disabilities in elections,according to a book published by The Asia Foundation (TAF) and supported by … Continue reading → …

  • The other side of Palawan Ellen Tordesillas, Contributor - The Inbox
    The other side of Palawan

    By Ellen T. Tordesillas Mention Palawan and what comes to mind are Underground River and El Nido in the northern side of this richly-blessed province from its capital, Puerto Princesa. Three weeks ago, we went to the southern side- in … Continue reading → …

POLL
Loading...
Poll Choice Options