While scouting the Web for the latest Facebook security issues, I’ve stumbled upon a new Facebook login page, as shown in the below pictures. In fact, it is not surprising that the fake Facebook site still exist as cybercriminals are using it as a phishing attack to steal the users’ login password.

Picture 1:

Normally I won’t show the actual phishing site’s URL name, but hey, it’s far too important to login to your Facebook account by using the real URL, i.e. https://www.facebook.com, not just the similar design as appeared on your browser.

Picture 2:

If you try going to the phishing site mentioned in the above, your Facebook login credentials will be sent to the remote server, i.e. logs.php via HTTP POST, as shown in the below picture. After all, your login details will be saved to their log file for them to use.

However, after you login this fake Facebook account, it will redirect you to a user page of YouTube account called xToxicEclipse’s Channel, which seems to be legitimate.

In addition, the domain name of this fake Facebook page was registered in a Web hosting company in Indonesia called Dijaminmurah.com on September 11 this year…

So be careful if you come across any URL link to this fake Facebook site on your profile’s Wall.

Tagged as: , , ,