E-mails direct users to fake login page

Dec 15, 2008 11:12 GMT

Sophos warns of a new phishing campaign targeting the users of the Hi5 social network. The e-mails masquerade as a friend invitation, and the contained link directs the users to a fake login page.

It's no news that identity thieves are using social engineering tactics in order to trick unsuspecting users into handing over their personal information. Such techniques are particularly effective when applied to social networks, where the practice of trusting people added to a friend list with more detailed personal information is rather common.

The latest spam targeting Hi5 users is no different in this respect, as J. Legare, malware analyst at SophosLabs Canada, explains. “This phishing campaign could be an attempt to steal login and password information from legitimate hi5.com users, as well as all the information that this login and password can unlock,” he notes.

To an untrained eye, the fake e-mails are hard to distinguish from the legitimate invitations sent by users of the social network. They use the same design and, of course, the picture of a pretty girl is attached to the deceptive message in order to entice interested men into rushing to accept the alleged friend invitation.

Obviously, adding someone to a friend list requires the user to be authenticated, so one would expect the link included in the invitation to open the Hi5 sign-in and registration page in the browser. This is where the phishers hope that people are not paying attention: the page that opens, even though it closely resembles the legitimate one, is hosted on a .vc domain rather than on hi5.com.
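The one detail in the paragraph above that a user or a mail filter can check mechanically is the host of the link. The following is an added example, not code from Sophos or from the article: it classifies the links from a constructed invitation as legitimate, a lookalike (the real name embedded inside a foreign host) or plainly foreign, based only on the registered domain. The sample URLs and the helper names are constructed for the example.

```python
from urllib.parse import urlparse

# Host the invitation claims to come from.
EXPECTED_DOMAIN = "hi5.com"


def registered_domain(host: str) -> str:
    """Return the last two labels of a hostname, e.g. 'hi5.com'.

    Simplification (assumption): a two-label registrable suffix is enough
    for hi5.com and for the .vc hosts used in this example; a real filter
    would consult the public suffix list."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def classify_link(url: str, expected: str = EXPECTED_DOMAIN) -> str:
    """Classify a link as 'legit', 'lookalike', 'foreign' or 'no-host'."""
    # urlparse().hostname strips scheme, port and any user@ prefix, so
    # 'http://hi5.com@evil.example.vc/' yields 'evil.example.vc'.
    host = urlparse(url).hostname or ""
    if not host:
        return "no-host"
    if registered_domain(host) == expected:
        return "legit"
    # The expected name appears somewhere in the host but is not the
    # registered domain: 'hi5.com.friend-invite.example.vc'.
    if expected in host:
        return "lookalike"
    return "foreign"


# Constructed sample links, modelled on the campaign the article describes.
SAMPLE_LINKS = [
    "http://hi5.com/friend/invite?id=123",
    "http://www.hi5.com/login",
    "http://hi5.com.friend-invite.example.vc/login.php",
    "http://hi5.com@example.vc/login.php",
    "http://example.vc/hi5/login.php",
]


def audit(links):
    """Map each link to its classification; anything not 'legit' warrants a look."""
    return {url: classify_link(url) for url in links}
```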

In addition, none of the links on the page work, and neither does the new user registration form. The login form, however, accepts whatever the user submits. Mr. Legare warns that if you have fallen victim to this attack, you should change the password not just for Hi5 but for all your online accounts on popular services such as e-mail, MSN, YouTube and so on. “The phishmongers will likely attempt to log in those sites as well, with the same user info,” the researcher says.

Because social networking sites are built on the trust between members of a friend list, harvesting legitimate accounts is more profitable than trying to subvert the protections of the registration systems in order to create fake ones. The success of the Koobface worm that has been plaguing Facebook and MySpace for months is due to exactly this: it preys on users' trust of messages originating from people in their friends list.

[Images: "hi5 users targeted by new phishing campaign"; "Fake friend invitation e-mail"]