News

Phishing attack on Facebook leverages iframes

Popular social networking site, Facebook being used for phishing attacks and open redirects, claims Websense Security Labs.

By
  • SearchSecurity.IN Staff
Published: 01 Dec 2010 5:00

Social networking site, Facebook was recently used to conduct a phishing attack, claims an alert from Websense Security Labs. The phishing attack displayed pages for various services and also redirected users to phishing pages hosted elsewhere. The following two emails provide a clearer picture of the phishing attack:

http:/community.websense.com/resized-image.ashx/__size/550x0/__key/CommunityServer.Blogs.Components.WeblogFiles/securitylabs/8508.facebook_5F00_phishing_5F00_1.jpg

Just like another phishing attack, this email from Facebook Security requests the user to confirm his account. However, the phishing page is loaded from within the Facebook site using an iframe, which makes it appear legitimate.  

http:/community.websense.com/resized-image.ashx/__size/550x0/__key/CommunityServer.Blogs.Components.WeblogFiles/securitylabs/5050.facebook_5F00_phishing_5F00_2.jpg

The second email contains an additional URL at the endwww.facebook.com, which redirects the user to another site with a phishing page.

As both the mails point to valid Facebook URLs, it becomes difficult for the user to spot the phishing attack. The valid links also make it tougher for the anti-spam and Web filtering products to protect the users, as they classify content based on URL filtering.

The link below redirects to the video of the phishing attack on Facebook, which shows a variant that looks like a Zynga account notification.

Advanced Classification Engine

 

 

 

 

 

 

 

 

 

 

 

 

Read more on Data breach incident management and recovery