Depths Phishermen Go To Catch a Phish

It is common knowledge that phishers [Authors of a phish] attempt to steal sensitive information such as passwords, credit card details etc. by masquerading as a trustworthy entity. Some key elements of a phish are:

  • A fake website created by simply ripping content off the original site and pasting them on the spurious one

Facebook Scam

  • A bait which engages potentially attractive terms like “Watch nude girls now”, “You’ve won a million dollars”, “Find what your neighbor is up to “, etc. to attract victims

Phishing  Orkut

  • Scare mongering by using words like “Account has been suspended”, “Computer found to be infected”, “Severe action will taken” etc.

Fake Message

  • Create a YouTube video

Yes, you read that right!! Phishers now go to the depths of creating videos explaining to the potential victim how to execute the phish. Call it a “how-to-guide” to give your secrets away, if you’d like.

The site under discussion http://fbshirts.%5BBlocked%5D, apart from having all the usual elements of a phish also has a video on YouTube instructing users how to give away their Facebook “mobile email address”. This is a personalized email address used to post status updates straight to your profile.

Facebook Scam

FB Scam

Users who’ve fallen victim to this scam will have a spam message posted on their facebook wall like the one below:

Facebook Shirt Scam Message

One would like to think that no one would fall victim for such a scam. But the number of hits that this video has received, (80,432 and counting) paints a bleak picture. See image below:

Phishing message

Our usual sentiments about keeping one’s security solutions up-to-date and being vary of giving one’s personal information to unknown sites apply.

Lokesh Kumar
K7 TCL

K7 Computing UK  |  K7 Computing IRL

About k7press

Antivirus Vendor - distributor for United Kingdom and Republic of Ireland

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s