Internet security firm Symantec's response team
has warned Facebook users of two new phishing scams
that try to replicate the look of the popular social media network to "harvest user credentials".
The first scam has created an entire Facebook login page spoof, aimed at Indian users. Though a literal translation of the word Facebook, "Chehrakitab" has nothing to do with the social network and has been created only with malafide intent. One look at the text on the page and you know something is wrong, but most users do not read the details. The site is hosted on a free Web hosting service.
In another scam, phishers have created a fake app that uses the image of a girl along with what looks like a Facebook 'Like' button. Clicking the button promps users to a "Facebook login" page and asks for credentials to "like" the photo. After users key in their IDs and password, the Netherlands-based phishing site asks them to click another 'Like' button placed near a fake number count.
These two scams follow a spate of video link scams that put a lot of Facebook users in embarrassing situations. Symantec advices that users not click on suspicious links in email messages and on social networks, do not provide any personal information when answering an email or on a pop-up page or window. Another good indicator would be to check if the site is encrypted with an SSL certificate, represented by a padlock on the address bar.
Indian Internet users are advised to be extra cautious as cyber criminals seem to have taken a liking for the country. Interestingly, Symantec Corp's Internet Security Threat Report Volume 18 says the country has seen a 280 per cent increase in infections that are spreading to a large number of emerging cities. Infected computers in cities such as Kota and Mysore are being used as remotely controlled spam zombies to send out large volumes of junk or unsolicited email messages that could contain malicious codes or could be phishing attempts, the report says.