April 2nd, 2013, 21:17 PM
Facebook users warned over fake security page phishing scam
Cyber criminals are targeting Facebook users with a malicious, fake security check page, according to Trend Micro.
Trend reported detecting the phishing scam in a blog post on Sunday.
The scam reportedly hooks Facebook users by pretending to be a legitimate security check, which when clicked redirects the user to a malicious site owned by the criminals.
"The goal is to redirect users who visit Facebook to a spoofed page, which claims to be a part of the social networking website's security check feature," wrote Trend Micro threat response engineer, Anthony Joe Melgarejo.
"It does this by redirecting all traffic to facebook.com and www.facebook.com to the system itself."
The malware used in the scam is reportedly designed to steal victim's personal data. Trend Micro said the malware is particularly dangerous as it has several backup features that make it more difficult to remove.
"Upon further analysis, we also discovered that that the malware performs DNS queries to several domain names. What this means that the people behind this are prepared for server malfunction and have a backup to continue stealing information," wrote Melgarejo.
"In addition, unlike other social media attacks which use fraudulent links, it is an executable which runs every system startup. This poses a big threat to multiple users using an affected system."