Skip to main content

Phishers hooking Facebook, Twitter, Google, Yahoo passwords

posted onMay 8, 2012
by l33tdawg

Scammers have launched a campaign preying on users of OpenID in an attempt to steal log-in credentials, according to Barracuda Labs.

Barracuda security researchers Dave Michmerhuizen and Luis Chapetti say they are seeing specially built log-in pages that appear similar to pages used as part of the OpenID authentication process. When users type in their credentials, the data is collected by a rogue website, which sends back a message that the credentials have been validated.

OpenID is a protocol that allows users to log into one Web site using their credentials from another Web site - typically Facebook, Twitter or Google. The researchers said the scam uses one of two e-mail messages. One directs users to a compromised real estate page in Australia and the other appears to be a UPS notification and re-directs users to a fake UPS log-in page.

Source

Tags

Industry News Facebook Twitter Google Yahoo Security

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th