BannerPortlet

Blogs

Have you ever accessed faceboook.com? At a glance, you may mistake this domain for the most popular social networking site, Facebook.com. However, with a closer look, you will definitely see the difference: “book” has been replaced by “boook”. This fake domain has been employed by hackers to fool users. Since there is a huge number of Facebook users, the probability of mis-typing is quite big.

Upon mis-typing and accessing the fake domain “faceboook.com”, users will be redirected to another website with Facebook-styled interface.

Figure 1: The browser redirects users to another website upon their mis-access to faceboook.com

Based on users’ IP, hackers are able to identify which countries they are in and will redirect users to a website with corresponding language. This shows bad guys’ effort to develop a phishing network in many nations in the world.

Bad guys have created a quite attractive scenario: you have been selected to take part in a celebration and have chance to get one in three gifts, namely an iPhone 4, a Macbook Air or an iPad.

Figure 2: The browser redirects users to another site upon their mis-access to gmial.com

However, to get this gift, you have to answer some questions and send a message to a switchboard provided by hacker, which of course is not free. As a result, you will lose an amount in your phone account.

Figure 3: Guidance to send message

As far as I see, hackers have registered a lot of domains faking popular websites to serve this campaign such as:

Fake domain Genuine domain
Faceboook.com Facebook.com
Twittter.com Twitter.com
Yooutube.com Youtube.com
Gmial.com Gmail.com

If you happen to know any more fake domains like these, report to us.

Due to the campaign’s large scale, there is a quite large number of people mis-typing domain name and redirected to the phishing site.

Figure 4: A week after domain registration, traffic rank of phishing site reached an alarming figure (source: Alexa.com)

To avoid falling victim to bad guys’ traps, users are recommended to verify the domain they type, if the content displayed is different from the one they still visit.

Bkis

Leave a Reply

Name (required)
Mail (hidden) (required)
Website
Text to Identify
Reload-Capcha
CAPTCHA Code *

Popup Date Time Portlet

Blogs Aggregator

Blog Category Portlet

Categories

Store Portlet

Archives

Vote Baby Portlet