Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Response

Phishers use glamour model images as bait, steal Facebook user logins

New phishing campaigns mimic Facebook’s branding and display images of glamour models to lure victims.
Created: 26 Aug 2014 08:40:29 GMT
Avdhoot Patil's picture
+1 1 Vote
Login to vote

Celebrity lures continue in the world of phishing. We have seen several phishing sites in the past that used altered celebrity images to get users’ attention. Today, we have a couple of examples in which phishers continued their celebrity  promotion campaigns with glamour models Martisha and Denise Milani. These phishing sites are typically developed for the purpose of stealing personal information from a large number of these celebrities’ fans.

In one campaign, the phishing page spoofed Facebook’s branding and contained an image of glamour model Martisha along with a message in the Arabic language. This message translates to “Chat with Arab boys and girls on Facebook”. The phishing site gave the impression that the user could get involved in adult chats when they entered their login credentials. In reality, after the user inputted their login credentials, they were redirected to the legitimate Facebook login page while their information was sent to the phishers. The phishing site was hosted on servers based in Damietta, Egypt.

Figure 1: Phishing site with image of Martisha

In another campaign, the phishing site also mimicked Facebook’s appearance in order to obtain user login credentials. The background image contained a photograph of Denise Milani from a previous modeling photo shoot. The phishing site’s appearance suggested that the user could gain access to adult material when they entered their login credentials. However, as with the previous phishing campaign, once the user submitted their login credentials, they were redirected to the legitimate Facebook login page. This phishing site was hosted through a free Web hosting service. If the user became a victim to these campaigns, the phishers would have successfully stolen their information for identity theft purposes.

Figure 2: Phishing site with image of Denise Milani

Symantec advises users to follow these best practices to avoid becoming victims of phishing attacks.

  • Check the URL in the address bar when logging into your account to make sure it belongs to the website that you want to visit
  • Do not click on suspicious links in email messages
  • Do not provide any personal information when replying to emails
  • Do not enter personal information in a pop-up page or window
  • When entering personal or financial information, ensure that the website is encrypted with an SSL certificate by looking for the padlock icon or “HTTPS” in the address bar 
  • Use comprehensive security software, such as Norton Internet Security or Norton 360, to be protected from phishing and social networking scams
  • Exercise caution when clicking on enticing links sent through emails or posted on social networks