14 DAY TRIAL // A phishing campaign targeting Facebook credentials has been observed to leverage images of glamour models in order to lure victims into entering their username and password for the social networking service.
The pictures used as bait are of models Martisha and Denise Milani, according to security researchers from Symantec.
One of the phishing websites impersonates a Facebook page and contains a picture of model Martisha, along with a message in Arabic suggesting that by logging in the victim can engage in adult chatting sessions with women or men.
However, after entering the details, the victim is redirected to the real Facebook login page, while the credentials are automatically sent to the cybercriminals.
Researchers say that this particular phishing website is hosted on servers in Damietta, Egypt.
In another example, the crooks used a picture of model Denise Milani, and also suggested access to adult content. The same behavior as in the previous case has been observed, with a redirect to the legitimate Facebook page.
Protecting against such malicious campaigns is not too difficult, but users have to pay attention to the URL address and make sure that it belongs to the legitimate service accessed.
Landing on these fake pages can happen by clicking on links in suspicious messages or posts delivered through social networks.