Security Audit

Our Web Application Pentest ( WAP) attempts to address the Owasp top 10 & SANS top 20 web application vulnerabilities and other exploitable loopholes of your web application . Along with it our WAP team also test web applications for Business logic flaws that can directly or indirectly effect the functioning of application.

Trainings

We are here to help you solve your biggest query- where and how to start? CDI has brought various courses in Ethical Hacking in Chandigarh where all you technology lovers will be given the much needed push to move forward and create a niche for yourself in the field. From Beginner to Expert level we have many kinds of training patterns.

Call Us : +91-771045-0011 | +91-771045-0022

Be Careful Facebook Users! Scammers Are Using Pornographic Images to Hack Your Account!

 

 

Few days ago, Maxime Kjaer named researcher found some malicious Chrome Extensions (“Age Verify” etc.) which were allowing hackers to steal login credentials of innocent Facebook users. After investigation, all these extensions had been blacklisted by Google.

Recently, a new Facebook phishing scam has been detected by researchers. In this latest scam, hackers are spreading malicious pornographic images to trap the innocent users. Phishing filters of Facebook are not detecting these type malicious links. Hackers are showing interest in the social profiles of innocent users. It has its own reasons.

 

SignUp at: https://www.cyberintelligence.in/sign-up/ to be a part of "Cyber Defence Intelligence."

 

How to Recognize These Malicious Links?

Scammers are using Facebook groups to spread these links. They are posting pictures of “Nude Girls” with a fake play button, as a comment on group posts. To make it look like a genuine picture they are writing some text in description such as “This video already has thousands of shares, thousands of like and thousands of views”. Here is an example of it:

"Groups Russian-Teen-Girls-18-CLICK HERE to Watch. It already has 400 Share, 900 Comments, 5.550 Likes, 8000 Views”.

 

How These Pornographic Images are Hacking Accounts?

When Facebook user clicks on these links, browser redirects him/her to a third party website. The index page of that website looks like Facebook. A login form has been added by hackers on the page to steal login credentials of user. Normal user think that it is a webpage of Facebook. When users fills the login details and clicks on the “Login” button, scammers got the account credentials of victim through command and control (C&C servers). To keep the victim busy, fake survey questions have been planned by the scammers. In some cases, a pop up is occurring which is telling the victims to “Install Flash Player Plug-in”. This could be more dangerous as compared to normal attacks. In normal phishing scam, hackers will only get Login credentials of Facebook, but installation of these malicious “Plug-ins” may give the full control of system to the hackers.

 

Motive of Hackers behind this Scam?

  • To steal the Login Details of Facebook Accounts.
  • To earn more revenue by liking pages from the hacked Facebook accounts.
  • Getting More Likes on their Facebook Page.
  • To spread Malicious Links, because an average Facebook user is connected with minimum 500 people.
  • By hacking Facebook accounts, scammers could try the same credentials on other social profiles such as Twitter and LinkedIn. Because 50% people used the same password and username on the social profiles.

 

Reason: Why Hackers hack Normal user’s social media accounts?

 

Security Tips for Facebook Users

  • Never click on such type of links. Also avoid other “Tagging Friends” links such as, “Click to know who your best friend on Facebook”.
  • Logged into your Facebook account from official App and from Official Website. Never use third party Facebook links.
  • Google is already blocking this type of phishing domains but hackers are using a number of websites with different domain names.
  • Recognize the video links and images. If there is a video post, when you will stop at that link it will start automatically. If there is a post which contains “Play Button” and not starting itself when you stop on it, it is a malicious link.
  • Use different username and passwords for different social profiles.

Leave a Reply

Name
Email id
Contact No
Comment

See more of Cyber Intelligence by logging in.
Connect with cyber security experts,Discover job opportunities,Online Training, Information Security Advisory and lot more.