Computer News & Safety – Harry Waldron

Facebook – Beware of SMS-based phishing attacks (August 2018)

The SANS ISC raises excellent awareness of an SMS-based phishing attack in circulation that is realistic enough to trick users into getting their accounts hacked. It is especially convincing to mobile users, where URL details are hidden and every step appears to be a genuine Facebook action.

https://isc.sans.edu/forums/diary/Facebook+Phishing+via+SMS/23940/

Facebook accounts are still a pretty hot commodity to spread malware. No ruse works better than having a “Friend” offer you some new software or browser extension. As a result, we keep seeing attempts to phish Facebook credentials. Late last week I came across a simple example of such an attempt that in particular targeted users of mobile devices. Mobile browsers have long been an easier target for phishing. They often do not display the full URL (or any URL) to save limited screen real estate. Many of the cues users are looking for in desktop browsers are harder to make out in mobile browsers.

This particular attack started with a simple SMS message. This technique has also been called “smishing” (SMS Phishing). The attacker managed to obtain a hostname starting with “facebook.” A vigilant user may, however, realize that this is the domain of a Bulgarian University.

Upon clicking on the link, a reasonably well-done copy of the Facebook login page is displayed. Luckily, in this case, the full URL fits into the URL bar. The attacker went even so far as to do some simple input validation. If random data is entered, an error message is displayed. If a correctly formed e-mail address is entered, the user is redirected to the actual Facebook login page.
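The hostname trick described above (a name that starts with “facebook.” but sits under an unrelated domain) can be caught mechanically by an SMS or mail filter. The following is an added example, not code from this post or from the SANS diary; the allowlist, the brand labels and the sample messages are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: registrable domains the brand really uses (extend as needed).
LEGIT_DOMAINS = {"facebook.com", "fb.com", "fb.me", "messenger.com"}
# Assumption: labels whose presence in a hostname suggests the brand.
BRAND_LABELS = {"facebook", "fb"}
HOST_RE = re.compile(r"(?:[a-z0-9-]+\.)+[a-z]{2,}")

def hosts_in_sms(text):
    """Yield hostnames of links in an SMS body, with or without a scheme."""
    for token in text.split():
        token = token.strip("<>()[]\"'.,;!")
        if "." not in token:
            continue
        if "://" not in token:
            token = "http://" + token  # SMS links are often sent bare
        try:
            host = urlsplit(token).hostname
        except ValueError:             # malformed URL, e.g. broken brackets
            continue
        if host and HOST_RE.fullmatch(host):
            yield host

def is_legit(host):
    """True only for an allowlisted domain or one of its subdomains."""
    return any(host == d or host.endswith("." + d) for d in LEGIT_DOMAINS)

def impersonates_brand(host):
    """Brand word used as a label (or hyphenated part) outside the allowlist."""
    parts = {p for label in host.split(".") for p in label.split("-")}
    return not is_legit(host) and bool(parts & BRAND_LABELS)

def flag_sms(text):
    """Return the hostnames in the message that imitate the brand."""
    return [h for h in hosts_in_sms(text) if impersonates_brand(h)]

# Constructed sample; .example is a reserved TLD, not the host from the diary.
SAMPLE_PHISH = ("Your account was accessed from a new device. "
                "Verify: http://facebook.university.example/login")

if __name__ == "__main__":
    print(flag_sms(SAMPLE_PHISH))
```

The check compares the end of the hostname against the allowlist, so a brand name placed at the front of the hostname, the only part a truncated mobile URL bar may show, does not make the link pass.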
