According to the "2012 Threat Report" released by the Websense Security Lab, phishing attacks based on social networks are becoming increasingly rampant, and have even become the main channel through which hackers successfully carry out data theft. Recently, the Websense ThreatSeeker Network detected a new for-profit phishing campaign under way on Sina Weibo; as of this writing, the phishing messages crafted by the attackers have been sent and forwarded more than 3.2 million times. Sina has more than 300 million registered users, so the impact of this attack should not be underestimated.
In this phishing attack, the attackers first compromised and took control of a number of legitimate Weibo accounts, then used those accounts to spread the phishing message. The controlled accounts are set up to forward, and comment with the phishing message on, every post from every account they follow. The forwarded message is displayed as a post published by the controlled account, so the attacker's phishing message reaches both the fans of the controlled account and the accounts it follows. The bait in this phishing attack is a prize notification telling users that they were "lucky" enough to be selected as a winner. Once a user clicks the shortened URL in the notice, they land on an outright phishing website.
Screenshot 1: Phishing microblog post
The attackers used multiple versions of the bait, all essentially the same but with the wording slightly tweaked or with random tags added to the shortened URL. The message shown above has been forwarded more than 3.2 million times, and the number is still climbing.
After clicking the link, the victim is directed to a phishing website disguised as the official Sina platform. Visitors are told that to collect valuable Lenovo "gifts", or even the luxury prize, a Toyota Camry, they must first pay a certain percentage of the prize's value as tax. Of course, these so-called taxes go straight into the phisher's pocket. It is also worth noting that the phishing site requires users to fill in personal information such as name, mailing address and account information, which may expose the user to further serious harm.
Screenshot 2: Phishing website
At present, many netizens are still in the habit of using the same account name and password to register for all of their online services, which is a terrible practice in today's threat landscape. Looking back at last year's CSDN leak and its horrific domino effect, this cannot be taken lightly. If you don't want your microblog account to become an attacker's puppet and endanger your friends or business, Websense recommends that you change your account password regularly.
In addition, security experts at the Websense Security Lab point out: "Social networking is a network based on trust and sharing, which gives cyber-crime a fast and efficient way to spread malicious code in an attack. Here, the perpetrator needs only a suitable bait, which may lure most users into clicking on an infected link. Those affected next are the friends and fans of these users, who may not hesitate to click on the links these users post, so the number of infected users gradually grows. The phishing attack on Sina Weibo is one of the most successful microblog phishing cases we have seen so far. From a commercial point of view, these phishing attacks have a very bad impact on the network, so enterprises must have the right real-time protection measures in place. Of course, infected users must change their account password immediately; if you use the same user name and password on other sites, you need to change those passwords as well."
Websense customers do not have to worry about such phishing attacks: the Websense Advanced Classification Engine (ACE) will protect you from a variety of security risks.