Trend Micro security experts received email messages that supposedly came from Facebook. The messages ask recipients to update their login credentials "for security purposes" and to click the URL provided in the message. The link leads to a spoofed Facebook login page on which the recipient's email address is already filled in, so only the password has to be typed.
Once the user hits the "Login" button, the page redirects to another fraudulent page offering a link to download a supposed update tool. Trend Micro detects that file as TROJ_ZBOT.CDX. ZBOT is Trend Micro's detection name for the ZeuS family of information-stealing Trojans, so the harvested Facebook password is only the first theft; the "update tool" is the real payload.
As of this writing, the phishing URL and the malicious file are already blocked and detected by the Trend Micro Smart Protection Network.
This is a good example of how cunning cybercriminals can be when stealing information: the lure even promises recipients better security, which is ironic. Not everyone is as hard to fool as, say, security experts. So how can you tell whether your personal information is being phished? Here are some useful tips:
- Check the email’s content. Misspellings and grammatical mistakes are very common in spammed messages.
- Do not click embedded links. If you need to update your login credentials, go to the site’s homepage and log in from there.
- Check the URL in the message body. In a legitimate Facebook link the hostname ends at facebook.com; in the two bogus email messages the hostname continues beyond .com. Whatever comes after that point is the domain that actually receives the click, because the rightmost labels of a hostname decide who owns it, no matter how much of the brand name precedes them.
- Check the time stamps. Facebook has millions of users worldwide, so it is very unlikely that the site's administrators would send email to all of them within the same day.
- Check the sender's email address, but treat it as weak evidence. The From: header is trivially forged, so a plausible-looking address proves nothing, and an unfamiliar sending domain is not proof of fraud by itself: Facebook itself sends notification mail from facebookmail.com. What the sender field can tell you is whether the address is consistent with the rest of the message and with legitimate mail you have received before.
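As an added example of the URL check above (this is not part of Trend Micro's post; the two messages below are constructed stand-ins with placeholder addresses and links, not the campaign's real ones), the script below pulls URLs out of a message and flags any whose hostname mentions facebook.com while actually being registered under a different domain. It reports the From: domain for context but deliberately does not base its verdict on it, since that header is trivially forged; the `registrable_domain` helper is a two-label simplification, and real code should consult the Public Suffix List instead.

```python
import email
import email.utils
import re
from email import policy
from urllib.parse import urlparse

# Constructed sample messages modelled on the campaign described above.
# Sender, recipient and link are made-up placeholders, not the real ones.
SAMPLE_PHISH = """\
From: Facebook Security <security@facebook.com>
To: victim@example.com
Subject: Update your login credentials
Content-Type: text/plain

For security purposes, please update your login credentials within 24 hours:
http://www.facebook.com.login-update.example.net/login.php?email=victim@example.com
"""

SAMPLE_LEGIT = """\
From: Facebook <notification+abc123@facebookmail.com>
To: victim@example.com
Subject: You have a new friend request
Content-Type: text/plain

You have a new friend request. See it at https://www.facebook.com/n/?reqs.php
"""

# Plain http(s) URLs in a text body; stops at whitespace and quoting characters.
URL_RE = re.compile(r"https?://[^\s<>\"']+")


def registrable_domain(host):
    """Last two labels of a hostname, e.g. 'facebook.com.evil.example.net' -> 'example.net'.

    Simplification (an assumption of this example): real code should consult the
    Public Suffix List, e.g. via the tldextract package, so that hosts under
    suffixes such as co.uk are handled correctly.
    """
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def suspicious_urls(body, brand_domain="facebook.com"):
    """Return (url, real_domain) for every link whose hostname mentions the brand
    but is actually registered somewhere else.

    The owner of a hostname is decided by its rightmost labels, so
    'www.facebook.com.login-update.example.net' belongs to example.net no matter
    how much of the brand name precedes it.
    """
    findings = []
    for url in URL_RE.findall(body):
        host = urlparse(url).hostname or ""
        real_domain = registrable_domain(host)
        if brand_domain in host and real_domain != brand_domain:
            findings.append((url, real_domain))
    return findings


def analyse(raw_message, brand_domain="facebook.com"):
    """Parse an RFC 822 message and apply the link and sender checks."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    body_part = msg.get_body(preferencelist=("plain", "html"))
    body = body_part.get_content() if body_part is not None else ""

    # The From: header is reported for context only: it is trivially forged,
    # so the verdict below rests on the links, not on the sender domain.
    sender = email.utils.parseaddr(msg["From"] or "")[1]
    sender_domain = sender.rpartition("@")[2].lower()

    bad_links = suspicious_urls(body, brand_domain)
    return {
        "sender_domain": sender_domain,
        "suspicious_links": bad_links,
        "verdict": "phishing" if bad_links else "no lookalike links found",
    }


if __name__ == "__main__":
    for name, sample in (("phish", SAMPLE_PHISH), ("legit", SAMPLE_LEGIT)):
        result = analyse(sample)
        print(name, "-", result["verdict"], "- sender domain:", result["sender_domain"])
        for url, real_domain in result["suspicious_links"]:
            print("  link really belongs to", real_domain, "->", url)
```

Note that the constructed phishing sample carries a forged `security@facebook.com` sender and still gets caught, while the constructed legitimate sample sent from facebookmail.com is not flagged: the hostname of the link, not the sender address, is what separates the two.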
Don't be just another victim. Keep in mind that cybercriminals will do just about anything to fool those who let their guard down.
Additional text by Det Caraig