Paul Mutton of the security company Netcraft has discovered that phishers use Facebook's TLS certificate to create "extremely persuasive" scams that can go unnoticed by most users.
The phish uses an iframe (*) to display a Facebook verification form inside a social network application (the URL is apps.facebook.com followed by something else, as you will see in the pictures below).
Of course, this form does not come from the social network; it comes from an external website hosted on Hostgator that uses HTTPS and the Facebook certificate.
This combination means that browsers will not alert their users to the imminent danger.
Once victims log in through the form served in the iframe, a second fake login form appears, claiming that the credentials entered the first time were wrong, and asks them to log in again.
After the second successful login (that is, once the user submits the information for a second time), another page is displayed, claiming that the victim will receive an email confirming the verification within the next 24 hours.
"The scammers are using Facebook's login platform to launch remarkably convincing phishing attacks against Facebook users," says Paul Mutton.
See pictures:
"To deceive even those who are still suspicious, the phishing site pretends that the first credentials were wrong."
How to spot it: the URL of the social network's own page does not contain the word "apps".
How to protect yourself: enable two-factor authentication from your account settings.
____________________
(*) An iframe is a technique for displaying one page inside another. At iGuRu.gr, for those who remember, we used an iframe to display the iGuRu.News forum, which was set up on another server, inside an iGuRu.gr page.