Facebook phishing attack targets Syrian activists

Summary:Researchers from the EFF (Electronic Frontier Foundation) have spotted an ongoing Facebook phishing attack, spreading across Syrian pro-revolution forums on Facebook.

Researchers from the EFF (Electronic Frontier Foundation) have spotted an ongoing Facebook phishing attack, spreading across Syrian pro-revolution forums on Facebook.

More details:

The screenshot below displays the link in a comment under a pro-revolution video. The phishing link is accompanied by the following text in Arabic: Urgent and critical.. video leaked by security forces and thugs.. the revenge of Assad's thugs against the free men and women of Baba Amr in captivity and taking turns raping one of the women in captivity by Assad's dogs.. please spread this.

The spamvertised phishing URL hxxp://l0gin1.cixx6.com//photo-php=/426519_333998546633128_33140461 0225855_1082043_158875083/login/facebook/en/?i=1561 is currently returning a 404 Not Found error message. It spreads via postings within Facebook Groups, and also through personal spamvertising courtesy of compromised Facebook accounts.

The campaign is similar to last week's uncovered "Fake YouTube sites target Syrian activists with malware" campaign, once again detected by the EFF.

The phishing campaign is a great example of an ongoing practice within the cybercrime ecosystem, namely localizing texts, messages and fake web sites into the native language of the prospective victim.

For the time being, the phishing web site has been detected as a phishing site, only by Google's Safebrowsing.

The EFF is advising users to be extra vigilant for malicious content coming from, both, known and unknown sources on Facebook.

Topics: Security, Social Enterprise

About

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.