    Author Archive - Paul Pajares (Fraud Analyst) and Gelo Abendan (Technical Communications)

    We recently encountered a mobile phishing page that looks very similar to the official Facebook mobile page. However, a close look at the URL reveals noticeable differences. The real Facebook page is located at and has the lock icon to show that the page is secured.


    Figure 1. Fake vs. legitimate Facebook mobile page

    This page tries to steal more than Facebook credentials. Should users actually try to log in, the page then prompts users to choose a security question. This may sound harmless, but these same security questions might be used across several different sites, and can compromise your security as well.


    Figure 2. Fake Facebook security page

    Once users are done, they are led to another page, this time asking for their credit card details.


    Figure 3. Page asking for credit card details

    In cases like these, users should always be careful and double-check the URLs of sites they are entering personal information into, particularly those that claim to belong to a particular service. In addition, Facebook does not ask for a user’s credit card information unless they are making a purchase.
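One way to automate the URL double-check described above, as an added example that is not from the original post. It assumes facebook.com is the service's legitimate domain; the function name, finding labels, and sample URLs (on reserved .example hosts) are constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: the domain the real service logs users in on.
LEGIT_DOMAINS = {"facebook": ("facebook.com",)}

# Digit-for-letter swaps often seen in lookalike hostnames.
LOOKALIKE = str.maketrans("0135", "oles")


def check_login_url(url, brand, legit=LEGIT_DOMAINS):
    """Return a list of findings; an empty list means the URL passed."""
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").lower().rstrip(".")
    except ValueError:
        return ["unparseable-url"]

    findings = []
    if parts.scheme != "https":
        findings.append("not-https")  # no lock icon in the browser
    if "@" in parts.netloc:
        findings.append("userinfo-in-url")  # text before '@' is not the host
    # The host must be the legitimate domain itself or a subdomain of it.
    on_legit = any(host == d or host.endswith("." + d) for d in legit[brand])
    if not on_legit:
        findings.append("host-mismatch")
        # Brand name (or a digit-swapped lookalike) used on someone else's host.
        if brand in host.translate(LOOKALIKE):
            findings.append("brand-name-in-foreign-host")
    return findings


# Constructed sample URLs; the .example hosts are reserved and not real sites.
SAMPLES = [
    "https://m.facebook.com/login",
    "http://m.facebook.com.login.example/",
    "https://faceb00k-mobile.example/",
    "https://facebook.com@login.example/",
]

if __name__ == "__main__":
    for u in SAMPLES:
        print(u, "->", check_login_url(u, "facebook") or "ok")
```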

    Earlier this year, we established that mobile devices are now platforms for phishing attacks. With high-profile incidents like the mobile phishing page targeting Chase customers, the fake WhatsApp notification serving a multiplatform threat, and the master key vulnerability, not to mention the growing number of online banking transactions via mobile devices, threats for mobile devices are catching up with their PC counterparts in terms of severity.

    Armed with the right information and protection, mobile users can avoid becoming victims of such threats. Trend Micro protects users from this threat by blocking access to the said site via its web reputation service.

    Posted in Bad Sites, Mobile | Comments Off on Fake Facebook Mobile Page Steals Credit Card Details

    Based on the number of phishing sites we observed in 2012, it appears that cybercriminals have discovered a new target in mobile devices.

    In 2012, we found 4,000 phishing URLs designed for the mobile Web. Though this number represents less than 1% of all the phishing URLs gathered that year, it highlights that mobile devices (smartphones, tablets and the like) are valid platforms for launching phishing attacks.

    Cybercriminals use phishing sites, which are spoofed versions of legitimate sites, to trick users into disclosing sensitive information like usernames, passwords, and even account details.

    What’s more worrisome is the kind of websites these phishing attacks spoof. In 2012, 75% of mobile phishing URLs were rogue versions of well-known banking or financial sites. Once users are tricked into divulging their login credentials to these sites, cybercriminals can use this stolen data to initiate unauthorized transactions and purchases via the victim’s account.

    A portion of these phishing sites were designed to spoof social networking sites (2%) and online shopping sites (4%). The small number of phishing sites for social media may be due to users’ preference for social media apps. Because users are unlikely to visit social networking sites via the mobile Web, launching phishing equivalents of these pages may not be an effective way to target users.

    These numbers are consistent with our top 10 most phished entities, the majority of which are banking or credit card websites.


    Figure 1. Mobile phishing URLs by industry



    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice