Facebook and Twitter users are receiving bogus messages that try to direct them to fake Facebook and Twitter login pages, where logging in hands the attacker their account username and password.

Typical Facebook messages used to lure users to fake login pages have included:

“lol i can’t believe these pics got posted….”

“it’s going to be BADDDD when her boyfriend sees these”

Twitter users are also under siege with the same type of scam. Several Twitter users are reporting receiving messages that direct them to a fake Twitter login page:

“hey! check out this funny blog about you…”

“win a free iPhone”

The usernames and passwords gathered from Facebook and Twitter can be of immediate value to the bad guys, because many users have the same username and password for e-commerce sites, which allows the bad guys to make immediate purchases on the user's account. The author believes that the current harvesting of Facebook and Twitter account credentials is a precursor to something bigger and perhaps more ominous down the road: directing users to malware-laden websites.

Users should never log in on any screen that pops up. They should log in only on the login screen at the legitimate URL they enter themselves.
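The same rule expressed as a check a mail filter or link scanner could apply to a login link, as an added example that is not part of the original post. The domain list, the HTTPS requirement and the sample links are assumptions made for illustration, and the `.example` hosts are constructed placeholders.

```python
from urllib.parse import urlsplit

# Assumption: the domains a user would type themselves for the two sites.
LEGITIMATE_DOMAINS = ("facebook.com", "twitter.com")


def login_host(url):
    """Return the normalised host a browser would contact, or None if unusable."""
    try:
        host = urlsplit(url.strip()).hostname  # ignores "user@" and ":port"
    except ValueError:
        return None
    if not host:
        return None
    try:
        # Punycode form, so look-alike Unicode letters cannot pass as the real name.
        return host.rstrip(".").encode("idna").decode("ascii").lower()
    except UnicodeError:
        return None


def is_legitimate_login_url(url):
    """True only for HTTPS URLs whose host is a listed domain or its subdomain."""
    try:
        scheme = urlsplit(url.strip()).scheme
    except ValueError:
        return False
    host = login_host(url)
    if scheme != "https" or host is None:
        return False
    return any(host == d or host.endswith("." + d) for d in LEGITIMATE_DOMAINS)


# Constructed sample links (the .example hosts are placeholders, not real sites).
SAMPLE_LINKS = [
    "https://www.facebook.com/login.php",
    "https://twitter.com/login",
    "https://facebook.com.login.example/login.php",  # real name used as a prefix
    "https://twitter.com@phish.example/login",       # real name in the userinfo part
    "http://www.facebook.com/login.php",             # not HTTPS
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        verdict = "ok" if is_legitimate_login_url(link) else "DO NOT LOG IN"
        print(f"{verdict:14} {link}")
```

The comparison is made on the parsed host, not on the visible text of the link, because the legitimate name can appear anywhere in a URL without being the site the browser actually contacts.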

Another notable trend in the first days of 2009 is the continued increase in bogus Google Alerts that, when clicked, redirect users to a malware-laden website. I have received no fewer than 50 such alerts, all leading to web pages hosting the malicious Antivirus 2009. See example below.

Google Web Alert for: Paul henry cissp

Gary Winebrenner. Gary Cahill; Gareth Curran; Marcin Gradziel; John.

Gary winebrenner Gary: webb: gary: webb: henry: webb: howard: webb: jarret: webb : … Bojo cissp, scotchguard water proofing gary” data security manager …