Car Hacking: More likely to be done by a mechanic than by a hacker
infosec

Car Hacking: More likely to be done by a mechanic than by a hacker

When we talk about car hacking, it comes to mind a hacker who gets remote access to the car system ...
Read More
infosec

Sri Lanka: Blocks access to social media

The government of Sri Lanka has temporarily blocked access to various social media services following deadly explosions that erupted ...
Read More
infosec tweaks

How to hack networks with Wi-Fi passwords

Probably you have a Wi-Fi network in your home or stay close to one (or more) that appears in ...
Read More
infosec tweaks

What is Social Engineering, what are its techniques and how to protect yourself?

Social Engineering is the term used for a wide range of malicious activities that are accomplished through human interactions. Uses the ...
Read More
infosec tweaks

Cryptocurrency: Ways to Enhance Your Privacy

Privacy and privacy on the internet are of great importance. It is not enough to take one or two measures to protect ...
Read More
Latest Posts

Google and Facebook users are targeting a phishing campaign

PhishingIt looks like hackers are starting to use a new phishing campaign that seeks to steal user login Facebook and Google. According to Larry Cashdollar, a security researcher at the Akamai Security Intelligence Response Team, he recently received an email that had been flagged by Google as a suspect. The email has told him about a new device that was used to connect to his Google account. Since he was not logged into his account when the warning email came to him, he decided to look at the message more thoroughly.

The email sent from facebook_secur@hotmail.com was a short report from Google. The first to be thwarted was the Hotmail account and the address had more to do with Facebook than with Google. Abusing the name of the famous company is a trick that has been actively used in phishing attacks. In this case, the scammers tried to deceive users into thinking that the alert came from the Facebook security team.

First part of attack - report by Google

The fake e-mail also included a 'Consult the activity' link, which once the user clicks, redirects the victim directly to a page that encourages the user to enter the login and password of the Google Account. The suspect for this landing page is the Google Translate domain. This is a well-designed option because when the user sees the URL in the navigation bar, the legitimate Google domain appears and creates a false sense of legitimacy.

According to Larry Cashdollar himself, the address of the link seems legitimate when it opens on a mobile device. However, analysis of the email and the landing page address on the computer reveals the full "translate.googleusercontent.com/translate" section.

If the user notices this address in the first stage of the attack, the infection can be avoided. However, when you enter your email and password to log in to your Google Account, the attacker can collect the information you have entered and proceed to the next step of the attack.

Second part of the attack - download your credentials to Facebook

Phishers who developed this attack try to attack users twice with two different tactics used to acquire Google and Facebook credentials. Once criminals have the login information in your Google Account, they redirect you to a copy of the Facebook login portal. Phishing is clearly targeted at mobile users and the landing page for Facebook displays a mobile connection version.

According to Cashdollar, the first credentials that are collected are the email and password for your Google account. Later, other information can be collected, including:

  • IP addresses
  • browser type
  • location
  • additional personal information

Users should note that the collected data can later be used to steal more valuable credentials from victims in other attacks.

Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *