- The campaign was discovered by Antoine Vincent Jebara of Myki, a security company that specializes in password-managing software.
- It reproduces the login prompt exactly like the one found during Facebook login, with all the minute details mirrored from the legitimate login page, using an HTML block.
A new phishing campaign is on the prowl which wears the guise of a Facebook login prompt to capture even the smartest Facebook users.
Discovered by Antoine Vincent Jebara, Co-founder & CEO of Myki, the phishing attack is based on an HTML block designed to look like the real Facebook.
Fake yet highly realistic login prompt
Whenever users visit the malicious site used in the campaign, they are asked to log in through Facebook in a prompt. In fact, the status bar, navigation bar and other aspects of the prompt are exactly reproduced like Facebook.
If users fill in their credentials in this prompt, the information will be passed on to the attackers in the campaign. To uncover the trickery, the prompt can be dragged away from the main screen and can be closed.
Jebara also shared a video demonstrating the sophishticated design of this phishing page.
“The only way to protect yourself from this type of attack is to actually try to drag the prompt away from the window it is currently displayed in. If dragging it out fails (part of the popup disappears beyond the edge of the window), it's a definite sign that the popup is fake,” suggests Jebara in his blog.
The fake prompt is so realistic that even security features such as ‘HTTPS’ are replicated in the prompt. Hence, Jebara advises Facebook users to stay away from sites which have pop-up windows asking sensitive information which could turn out to be malicious phishing pages.