- Feb 4, 2016
- 2,520
...quotes from the article above:
Security researchers from PhishLabs have come across a new phishing trend that's targeting mobile device owners exclusively, with "the highest proportion of attacks" aimed at Facebook users.
This new tactic relies on the fact that mobile browsers have very narrow URL address bars, which prevents users from viewing the entire contents of a link. Phishers are taking advantage of this UI inconvenience to pad URLs with subdomains and hyphens, making some links look authentic on mobile devices.
For example, take the following URL, seen by PhishLabs experts in real-world attacks:
hxxp://m.facebook.com----------------validate----step1.rickytaylk[dot]com/sign_in.html
The real domain of this website is rickytaylk.com, and not "m.facebook.com". Because a mobile browser will show only the first part of the URL, users will see only the "m.facebook.com" section, followed by an endless stream of hyphens.
Attack only works against inattentive users
Inattentive users will be fooled to think they're on the mobile login page of the real Facebook and give away their credentials to these crooks.
PhishLabs experts say that in most cases, attackers use these credentials to spam a user's friends, and also send their phishing pages to other users, spreading the infection to others.
Most phishing attacks using this technique have targeted Facebook users. Experts say they've seen this same tactic also deployed against services such as Apple iCloud, Comcast, Craigslist, and OfferUp.
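As an added example, not code from PhishLabs or the quoted article, the checker below parses a padded URL of the kind described, extracts the registrable domain (rickytaylk.com, not m.facebook.com), flags a brand name that appears only in the subdomain labels or a long run of hyphens, and shows what a narrow address bar that displays only the leading characters of the host would render. The brand list, the hyphen-run threshold, the 25-character bar width and the padding length of the constructed sample URL are assumptions; the last-two-labels domain rule is a simplification that production tooling should replace with the Public Suffix List (for example via the tldextract package).

```python
"""Detect brand-padded phishing hosts of the kind PhishLabs described.

Added example, not the article's or PhishLabs' code.  BRAND_TOKENS,
HYPHEN_RUN, MOBILE_BAR_WIDTH and the sample URL are assumptions.
"""
import re
from urllib.parse import urlsplit

# Brands the article names as targets (the list itself is an assumption).
BRAND_TOKENS = ("facebook", "icloud", "apple", "comcast", "craigslist", "offerup")

# Assumed heuristics: a run of this many hyphens inside a host label is
# treated as padding; this many characters approximates a narrow mobile bar.
HYPHEN_RUN = 4
MOBILE_BAR_WIDTH = 25

# Constructed sample modelled on the article's URL (defanged, 16-hyphen pad).
SAMPLE = "hxxp://m.facebook.com" + "-" * 16 + "validate----step1.rickytaylk[dot]com/sign_in.html"


def refang(url: str) -> str:
    """Turn defanged notation (hxxp, [dot], [.]) back into a parseable URL."""
    url = re.sub(r"^hxxp", "http", url, flags=re.I)
    url = url.replace("[dot]", ".").replace("[.]", ".")
    return url if "://" in url else "http://" + url


def hostname(url: str) -> str:
    """Lower-cased host part of the URL, empty string if none."""
    return (urlsplit(refang(url)).hostname or "").lower()


def registrable_domain(host: str) -> str:
    """Last two labels of the host.

    Assumption: adequate for .com-style hosts.  Use the Public Suffix List
    in real tooling so that login.example.co.uk yields example.co.uk.
    """
    labels = host.split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host


def mobile_bar_view(url: str, width: int = MOBILE_BAR_WIDTH) -> str:
    """Assumed rendering of a bar that shows only the first `width` host chars."""
    host = hostname(url)
    return host if len(host) <= width else host[:width] + "..."


def analyse(url: str) -> dict:
    """Return the registrable domain plus the padding indicators for `url`."""
    host = hostname(url)
    domain = registrable_domain(host)
    # Everything left of the registrable domain is attacker-controlled naming.
    subdomain = host[: -len(domain)].rstrip(".") if host != domain and host.endswith(domain) else ""
    brand_in_subdomain = [b for b in BRAND_TOKENS if b in subdomain and b not in domain]
    longest_run = max((len(m) for m in re.findall(r"-+", host)), default=0)
    return {
        "host": host,
        "registrable_domain": domain,
        "subdomain": subdomain,
        "brand_in_subdomain": brand_in_subdomain,
        "longest_hyphen_run": longest_run,
        "suspicious": bool(brand_in_subdomain) or longest_run >= HYPHEN_RUN,
    }


if __name__ == "__main__":
    for url in (SAMPLE, "https://m.facebook.com/login.php"):
        print(mobile_bar_view(url), "->", analyse(url))
```

Running the block prints the truncated bar view beside the analysis for the padded sample and for a legitimate m.facebook.com login URL; only the former is flagged, because "facebook" sits in the subdomain rather than in the registrable domain and the host carries a 16-hyphen run.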