Kaspersky Faces Latest Facebook Phishing Attack

Kaspersky Lab, a leading developer of secure content management systems, has responded to the latest phishing attack on Facebook with a practical guide for all Internet users on how to stay safe online from the threats of cybercrime. The Internet security vendor advises that malicious code distributed via social networking sites is 10 times more effective, in terms of successful infection, than malware spread via email.

On May 15, Facebook was hit by another phishing attack, a tactic designed by cybercriminals to steal a person’s identity, gather personal data and use this to defraud the victim of their money.

David Emm, a member of the Global Research and Analysis Team at Kaspersky Labs explains, “Given the phenomenal success of Facebook, Twitter and other popular social networking sites, it should come as no surprise that it has attracted the attention of cybercriminals and the threat shows no signs of abating.”

“Phishing scams succeed by luring in their victims under the pretense of something that at first glance may appear legitimate. Remaining vigilant and taking the right precautions is the key to not falling into their trap,” he added.



Malicious code distributed via social networking sites is suggested to be 10 times more effective in terms of successful infection than malware spread via email. Internet users are far more likely to click on a link received from a trusted friend, rather than a link in a random spam message. Kaspersky Lab has recently seen a massive increase in phishing attacks on the Facebook login page. Cybercriminals have been using the site’s internal message system to send short messages that direct visitors to a website purposely designed to clone Facebook’s log-in screen.

Kaspersky Lab’s top tips for protecting against phishing attacks:

• For sites such as Facebook, create a bookmark for the login page, or type the URL directly into the browser address bar.
• Don’t click on links in e-mail messages.
• Only type in confidential data on a secure web site.
• Check your bank account(s) regularly and report anything suspicious to your bank.
• Install Internet security software and keep anti-virus updated.
• Install security patches.
• Be wary of unsolicited e-mail or IM messages.
• Be careful about logging in with Administrator rights.
• Backup your data.

Look for giveaway signs of phishing e-mails:

• If it’s not addressed to you personally.
• If you’re not the only recipient.
• If there are spelling mistakes, poor grammar or syntax or other clumsy use of language.

Emm provides a final word of warning: “High profile reports of scams such as the latest Facebook attempt raise awareness of the risk of cybercrime, but it is important to make clear that it is not an isolated incident as we are detecting over 17,000 new Internet threats everyday.”


P/S : http://www.kaspersky.com/news?id=207575818