14 DAY TRIAL // If you live in India and you’re a supporter of the Aam Aadmi Party, you should definitely read this. Cybercriminals have set up a fake website on behalf of the party’s leader, Arvind Kejariwal, which they’re using to harvest Facebook credentials.
According to Symantec, the fake website displays photos of Arvind Kejariwal and urges visitors to like the page to show their support for the political organization’s fight against corruption.
When users press the like button, they’re told to log in to their Facebook account. However, the login page is not real; instead, it’s a phishing page designed to harvest the Facebook usernames and passwords of unsuspecting internauts.
On the phishing page, victims are told to log in in order to “like cute baby pic.” So what happened to liking Arvind Kejariwal?
It turns out that the cybercriminals are using a phishing page template for the scheme and they haven’t bothered making sure that the text on the actual phishing page is consistent with the page that’s used as bait.
The same phishing site template was seen one year ago when there really was a cute baby pic involved. At the time, the cybercrooks were using a picture of a cute little girl to lure people.
To make everything more legitimate-looking, the victim’s email address is displayed at the top of the page, along with a button which appears to show that the page has been liked. However, the like button is fake. By this time, the victim’s credentials are already stored on a server controlled by the cybercriminals.
If you’re a victim of this scam, change your Facebook password as soon as possible. If you’ve been using the same password for multiple services, change those as well.
Users who want to avoid falling victim to Facebook phishing scams should consider enabling two-factor authentication on their accounts. By enabling two-factor authentication, you can make sure that your Facebook account can’t be compromised even if cybercriminals obtain your password via phishing or with the aid of malware.
As far as phishing scams are concerned, it’s not difficult to identify them. The rule of thumb is that if the page is not on the respective company’s legitimate domain, the page is probably part of a malicious scheme. In addition, most major websites are protected by SSL certificates.
Such websites have an HTTPS connection and there’s a padlock icon in the browser’s address bar to indicate the certificate’s presence.