Internet Security Researchers Alert Users of New Facebook Phishing Scam

Security researchers at Internet security firm Sophos have identified a new phishing scam in which attackers reportedly send a well-drafted e-mail informing users that their account is suspended due to violation of terms of service. The fraudulent e-mail further informs users that their Facebook account is permanently suspended and will not be reactivated, as they have not replied to an earlier notification. The fraudsters claim to represent the Facebook security team. The e-mail attempts to lure users into clicking on a link to verify their account if they feel that they have not violated any terms of the social networking service. The e-mail tries to create urgency by setting a time frame of 12 hours for verifying the account on the provided link.

Users of the popular social networking site who fall prey to the scam and click on the link are directed to a fake but seemingly legitimate page, where they are asked to provide personally identifiable information such as name, e-mail address, password, date of birth, first six digits of a payment card number, country, security question and answer. The fake page even has official images of the social networking site, making it difficult for users to doubt the authenticity of the web page. However, the URL of the fake link begins with a prefix and has a spelling mistake, which could be detected by a vigilant Internet user.

Cybercriminals may use the extracted information to gain unauthorized access to legitimate Facebook accounts and extract more personal information and photographs. They may also leverage the tendency of using common passwords to compromise Internet shopping, banking or webmail accounts. They may also attempt to drop malware or extract financial information by sending phishing e-mails directly to the e-mail address of the victims. Professionals must stay updated on the latest threats and improve their capabilities through e-learning and online university degree programs.

Internet users must be vigilant and avoid clicking on suspicious links, and be wary of account termination messages, messages urging them to undertake surveys, and those seeking login credentials or financial information. Organizations must analyze the security risks at regular intervals, identify threats, alert users, and initiate remedial measures. Professionals holding a computer science degree and a master's in security science may help in making an appropriate assessment of security risks and eliminating security threats.

Social media sites are favorite destinations for cybercriminals. Recently, Chinese microblogging site Sina Weibo suffered a worm attack. Security blogs and e-flyers containing cyber security tips may help create awareness among Internet users. Internet users may also take advantage of online degree programs and e-tutorials to improve online computing practices.

Contact Press

EC-Council
Website: http://www.eccuni.us
Email: [email protected]
Tel: 505-341-3228

EC-Council University is based in Albuquerque, New Mexico and offers a Master of Security Science (MSS) degree to students from various backgrounds such as graduates, IT professionals, and military students, amongst several others. The MSS is offered as a 100% online degree program and allows EC-Council University to reach students not only from the United States, but from all around the world.

EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.

EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates the global series of Hacker Halted security conferences.

About the author

By eccuni