The false promise of being able to see who viewed your Facebook profile is once again being used as phishing bait. Security firm Symantec reported in a blog post that this particular scam is built around a page designed to loosely resemble Facebook’s login page; unsuspecting Web surfers who take the bait either hand over their credentials or end up infected with the Infostealer strain of malware.
According to Symantec, the fake application promised users that, once it was installed, they could view a list of the other Facebook users who had visited their profiles. Victims were prompted either to proceed with the install, which infected their devices with malware, or to enter their Facebook login credentials, after which they were redirected to legitimate pages, but their information had already been compromised.
More details from the blog post follow:
Symantec analyzed the malware and found its behavior to be as follows:
- The malware consists of two executable files that both perform the same action.
- The files are added to the registry run key, which executes after every reboot.
- The malware sets up a key logger in order to track anything that the victim types.
- Then, it will check if there is Internet connectivity by pinging www.google.com. If there is connectivity, the malware will send all information gathered to the attacker’s email address.
- Symantec observed that the email address has not been valid for three months and, hence, the malware is not able to send updates to the attacker at the moment.
- If users fell victim to the phishing site by entering their login credentials, the phishers would have successfully stolen their information for identity theft purposes.
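The persistence step described above (an entry in the registry Run key so that the executables start after every reboot) is the kind of artifact a defender can look for on a suspected machine. The following Python is an added example, not part of Symantec’s post or analysis: it parses a constructed text export of the two Run keys in the format that `reg export` produces and flags entries that run from temp or user-writable directories or whose file name mimics a Windows system binary. The entry names, paths and the heuristics themselves are assumptions made up for the example.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample: text export of the per-user and machine-wide "Run" keys in the
# format `reg export` produces. The svchosts and winupdate entries are made-up
# suspects; OneDrive and SecurityHealth are shaped like legitimate entries.
SAMPLE_REG_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="\"C:\\Users\\alice\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe\" /background"
"svchosts"="C:\\Users\\alice\\AppData\\Roaming\\svchosts.exe"
"winupdate"="C:\\Users\\alice\\AppData\\Local\\Temp\\winupdate.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"="C:\\Windows\\system32\\SecurityHealthSystray.exe"
'''

# Autostart keys worth inspecting (Run and RunOnce under either hive).
RUN_KEY_RE = re.compile(r"\\CurrentVersion\\Run(Once)?$", re.IGNORECASE)
# A `"name"="value"` line; the value keeps its .reg escaping (\\ and \").
VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<value>.*)"$')

# Heuristics (assumptions for this example, not a vetted signature set).
SYSTEM_BINARY_STEMS = ("svchost", "csrss", "lsass", "winlogon", "explorer", "services")
USER_WRITABLE_DIRS = ("appdata", "programdata", "downloads", "public", "temp", "tmp")


def unescape_reg_string(value):
    # Undo .reg escaping: a backslash escapes the following quote or backslash.
    return re.sub(r'\\(["\\])', r"\1", value)


def extract_exe_path(command):
    """Return the executable path from a Run-key command line, dropping arguments."""
    command = command.strip()
    if command.startswith('"'):  # quoted path, possibly containing spaces
        end = command.find('"', 1)
        return command[1:end] if end > 0 else command[1:]
    m = re.match(r"(.+?\.exe)\b", command, re.IGNORECASE)
    return m.group(1) if m else (command.split() or [""])[0]


def assess_path(path):
    """List the reasons an autostart executable path deserves a closer look."""
    parts = [p.lower() for p in PureWindowsPath(path).parts]
    stem = PureWindowsPath(path).stem.lower()
    reasons = []
    if any(p in ("temp", "tmp") for p in parts):
        reasons.append("runs from a temp directory")
    elif any(p in USER_WRITABLE_DIRS for p in parts):
        reasons.append("runs from a user-writable location")
    # A system-binary name outside the Windows directory is a classic disguise.
    if "windows" not in parts and any(stem.startswith(s) for s in SYSTEM_BINARY_STEMS):
        reasons.append("executable name mimics a Windows system binary")
    return reasons


def find_suspicious_run_entries(reg_text):
    """Map entry name -> {key, path, reasons} for flagged Run/RunOnce values."""
    findings, current_key = {}, None
    for raw in reg_text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            current_key = line[1:-1]
            continue
        if not current_key or not RUN_KEY_RE.search(current_key):
            continue
        m = VALUE_RE.match(line)
        if not m:
            continue
        path = extract_exe_path(unescape_reg_string(m.group("value")))
        reasons = assess_path(path)
        if reasons:
            findings[m.group("name")] = {"key": current_key, "path": path, "reasons": reasons}
    return findings


if __name__ == "__main__":
    for name, info in find_suspicious_run_entries(SAMPLE_REG_EXPORT).items():
        print(f"{name}: {info['path']}\n    " + "; ".join(info["reasons"]))
```

Run against the sample, the script flags `svchosts` (user-writable location plus a system-binary lookalike name) and `winupdate` (temp directory) as the high-interest hits; `OneDrive` also appears, on the weaker user-writable-location reason alone, which is why a real triage list is compared against a baseline of known-good, signed autostart entries before anything is acted on.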
Internet users are advised to follow best practices to avoid phishing attacks:
- Check the URL in the address bar when logging into your account and make sure it belongs to the website that you want to go to.
- Do not click on suspicious links in email messages.
- Do not provide any personal information when answering an email.
- Do not enter personal information in a pop-up page or window.
- Ensure that the website is encrypted with an SSL certificate by looking for the padlock image/icon, “https,” or the green address bar when entering personal or financial information.
- Use comprehensive security software, such as Norton Internet Security or Norton 360, which protects you from phishing scams and social networking scams.
- Exercise caution when clicking on enticing links sent through email or posted on social networks.
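The first of the best practices above, checking that the URL in the address bar really belongs to the site you meant to visit, and the later one about looking for https, can be made precise enough to automate. The Python below is an added example, not Symantec’s code: it decides whether a URL belongs to an expected domain, handling the common lookalike tricks where the real domain is buried in a subdomain of another site or pushed into the user-info part before an `@` sign. The sample URLs are constructed for the example.

```python
from urllib.parse import urlsplit

# Constructed sample URLs: the first two are genuine-looking, the rest are the
# lookalike patterns a phishing page typically uses (made up for this example).
SAMPLE_URLS = [
    "https://www.facebook.com/login.php",
    "https://facebook.com:443/",
    "http://www.facebook.com/login.php",                   # right host, no https
    "https://www.facebook.com.login-verify.example/",      # real domain is login-verify.example
    "https://facebook.com@other.example/",                 # "facebook.com" is user info, host is other.example
    "https://login-facebook.example/",                     # brand name inside an unrelated domain
]


def check_login_url(url, expected_domain):
    """Return (ok, reason). ok is True only when the URL uses https and its
    host is expected_domain itself or a subdomain of it."""
    parts = urlsplit(url.strip())
    if parts.scheme.lower() != "https":
        return False, f"scheme is '{parts.scheme or 'none'}', not https"
    host = (parts.hostname or "").rstrip(".")  # urlsplit already lower-cases the host
    if not host:
        return False, "no host in URL"
    if parts.username is not None:
        # Anything before '@' in the authority is user info, not the host.
        return False, f"text before '@' is user info; the real host is {host}"
    expected = expected_domain.lower().strip(".")
    # A registrable-domain match: exact, or a label boundary followed by the domain.
    if host == expected or host.endswith("." + expected):
        return True, f"host {host} belongs to {expected}"
    return False, f"host {host} does not belong to {expected}"


def triage(urls, expected_domain):
    """Map each URL to its (ok, reason) verdict for the expected domain."""
    return {u: check_login_url(u, expected_domain) for u in urls}


if __name__ == "__main__":
    for url, (ok, reason) in triage(SAMPLE_URLS, "facebook.com").items():
        print(f"{'OK  ' if ok else 'WARN'} {url}\n      {reason}")
```

The test on `host.endswith("." + expected)` is the part that matters: a plain substring match would accept `facebook.com.login-verify.example`, while this check only accepts hosts whose right-hand labels are exactly the expected domain. The https requirement is the page’s “look for the padlock” advice; it says nothing about who holds the certificate, which is why the domain check is still needed.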
Readers: Have you seen similar phishing scams?
Screenshot courtesy of Symantec. Phishing image courtesy of Shutterstock.