Phishing Campaign Spreading Across Facebook

Phishers have once again shown their interest in obtaining fresh passwords for social networking sites, using already hacked accounts to social engineer the account holder's friends into believing that the phishing links left as comments are legitimate. This latest internal phishing campaign circulating across Facebook is part of a bigger phishing operation, whose reliance on fast-fluxed domains indicates it is part of a botnet.

Sample messages spammed across Facebook:

"hey, howdy?? oh lisen i got a new friend here shex kinda new on facebook..maybe you can give her a lil tym so she can enjoy here?? not forcin u but u can chk out =)"

"i got a new friend here..shex kinda new here..maybe you can give her a lil tym so she can enjoy here?? not forcin u but u can chk out =)...her profile is"

"hi, watsup?? luk i want you to add ma new friend, as she is new here maybe you can give her lil time so she enjoys her online stay :P her profile is"

Sample phishing URLs and fast-flux domains from this campaign:





Related phishing domains sharing fast-flux infrastructure with one another:

They also seem to be in the process of diversifying the social networks to be attacked, having Hi5 in mind -
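As an added example (not code from the original post), one defender-side way to surface this kind of campaign is to cluster near-identical comments posted by different accounts, using the sample messages quoted above. The account names, the 0.5 threshold and the two benign comments are constructed assumptions; the reworded third sample falls below the threshold, so template variants need a looser or fuzzier match.

```python
import re
from itertools import combinations

def shingles(text, k=3):
    """Normalise a comment and return its set of k-word shingles."""
    words = re.findall(r"[a-z0-9]+", text.lower())
    if len(words) < k:
        return {tuple(words)} if words else set()
    return {tuple(words[i:i + k]) for i in range(len(words) - k + 1)}

def jaccard(a, b):
    """Jaccard similarity of two shingle sets (0.0 when both are empty)."""
    union = a | b
    return len(a & b) / len(union) if union else 0.0

def campaign_clusters(comments, threshold=0.5, min_accounts=2):
    """Group near-duplicate comments; return the account sets of groups
    posted by at least min_accounts distinct accounts."""
    sigs = [shingles(text) for _, text in comments]
    parent = list(range(len(comments)))  # union-find forest

    def find(i):
        while parent[i] != i:
            parent[i] = parent[parent[i]]  # path halving
            i = parent[i]
        return i

    for i, j in combinations(range(len(comments)), 2):
        if jaccard(sigs[i], sigs[j]) >= threshold:
            parent[find(i)] = find(j)

    groups = {}
    for idx, (account, _) in enumerate(comments):
        groups.setdefault(find(idx), set()).add(account)
    return [accts for accts in groups.values() if len(accts) >= min_accounts]

# Constructed input: account names are made up. The first three texts are the
# sample messages quoted in the post; the last two are constructed benign comments.
SAMPLE = [
    ("acct_a", "hey, howdy?? oh lisen i got a new friend here shex kinda new on facebook..maybe you can give her a lil tym so she can enjoy here?? not forcin u but u can chk out =)"),
    ("acct_b", "i got a new friend here..shex kinda new here..maybe you can give her a lil tym so she can enjoy here?? not forcin u but u can chk out =)...her profile is"),
    ("acct_c", "hi, watsup?? luk i want you to add ma new friend, as she is new here maybe you can give her lil time so she enjoys her online stay :P her profile is"),
    ("acct_d", "happy birthday! hope you have a great day"),
    ("acct_e", "great photo, where was this taken?"),
]

if __name__ == "__main__":
    # Samples 1 and 2 cluster (Jaccard 0.65); the reworded sample 3 does not.
    print(campaign_clusters(SAMPLE))
```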

Related posts:
Large Scale MySpace Phishing Attack
Update on the MySpace Phishing Campaign
MySpace Phishers Now Targeting Facebook
MySpace Hosting MySpace Phishing Profiles

