Paul Mutton of the security company Netcraft discovered that phishers are using Facebook's TLS certificate to create "highly convincing" scams that can go unnoticed by most users.
The phish uses an iframe (*) to display a Facebook verification form inside a social network application page (the URL is apps.facebook.com followed by something else, as you will see in the pictures below).
Of course, this form does not come from the social network but from an external HostGator website that uses HTTPS and Facebook's certificate.
This combination means that browsers will not alert their users to the imminent danger.
Once victims log in through the iframe-served form, a second fake login form appears, claiming that the first credentials were incorrect, and asks them to log in again.
After the second login (when the user submits the information for a second time), another page is displayed, claiming that the victim will receive an email confirming the verification within the next 24 hours.
"The scammers are using Facebook's login platform to launch remarkably convincing phishing attacks against Facebook users," says Paul Mutton.
See pictures:
"To deceive even those who are still suspicious, the phishing site pretends that the first credentials were wrong."
How to recognize it: the social network's own page URL does not contain the word apps.
How to protect yourself? From your account settings, add two-factor authentication.
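The recognition rule above can be turned into a check that compares the address-bar host with the origin of any framed password form. This is an added example, not code from Netcraft or the article; the page/frame object shape, the list of first-party login hosts and the sample hosts are assumptions made for illustration.

```javascript
// Added example: flags a credential form that is framed from a different
// origin than the page shown in the address bar.
// Assumption: only these hosts are treated as Facebook's own login pages.
const FIRST_PARTY_LOGIN_HOSTS = new Set(["www.facebook.com", "m.facebook.com"]);
// Host of the application platform named in the article.
const APP_PLATFORM_HOST = "apps.facebook.com";

function hostOf(url) {
  try {
    return new URL(url).hostname.toLowerCase();
  } catch (_) {
    return null; // unparsable or relative URL
  }
}

// page: { url, frames: [{ src, hasPasswordField }] } (hypothetical shape,
// e.g. filled in by a browser extension or a crawler)
function assessLoginContext(page) {
  const findings = [];
  const topHost = hostOf(page.url);
  if (topHost === APP_PLATFORM_HOST) {
    findings.push("top-level page is an application page, not a login page");
  }
  for (const frame of page.frames || []) {
    if (!frame.hasPasswordField) continue;
    const frameHost = hostOf(frame.src);
    if (frameHost === null) {
      findings.push("password form in a frame with an unparsable source");
    } else if (!FIRST_PARTY_LOGIN_HOSTS.has(frameHost)) {
      // The padlock covers only the top-level page; the form's real origin
      // is the frame source, which the address bar never shows.
      findings.push(`password form served from ${frameHost}, address bar shows ${topHost}`);
    }
  }
  return findings;
}

// Constructed samples mirroring the article's scenario (hosts are placeholders).
const samplePhish = {
  url: "https://apps.facebook.com/example-app/",
  frames: [{ src: "https://form.example.net/verify", hasPasswordField: true }],
};
const sampleGenuine = { url: "https://www.facebook.com/login", frames: [] };

console.log(assessLoginContext(samplePhish));
console.log(assessLoginContext(sampleGenuine));
```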
____________________
(*) An iframe is a technique for displaying one page inside another. On iGuRu.gr, for those who remember, we used an iframe to display the iGuRu.News forum, which was set up on another server, within an iGuRu.gr page.