Facebook turns its users into cybercrime detectives

This is Facebook’s actual login page, but phishing attackers have gotten good at tricking people into entering their credentials into spoofed pages that look identical to this one.

With nearly a billion users, Facebook is a prime target for attackers looking to steal usernames and passwords.

Simple attacks known as “phishing” are surprisingly effective at tricking users into handing over their login credentials. By crafting Facebook messages or emails that appear to come from Facebook itself, cyber thieves lure unsuspecting users to malicious sites that masquerade as the legitimate login page.

Facebook (FB) has gotten pretty good at eliminating phishing attacks within its own virtual walls, but it hasn’t been able to do anything about attacks that land in its users’ inboxes.

That’s why the social network launched phish@fb.com, an email address to which users can forward suspected phishing messages. Facebook will analyze each message and work out where, and from whom, the malicious email came.

“We have a pretty strong team here to deal with the bad actors,” says Mark Hammel, Facebook engineer and malware researcher. “This will give us additional visibility into people’s email inboxes, where there was no good feedback mechanism in place.”

After a user forwards a suspected phishing email to Facebook, the company’s e-crime team notes the URL of the spoofed login site the attackers were trying to send the user to. It then passes that URL to third parties such as browser vendors and search engines so the site can be added to their blacklists. Facebook will also work with ISPs and web hosts to get the site taken down entirely.
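The triage step described above, as an added example that is not Facebook’s code and does not appear in the article: it parses a constructed forwarded phishing message, pulls every link out of the HTML and plain-text bodies, flags links whose visible text points at facebook.com while the real destination does not, and separates URLs on Facebook’s own domains from lookalikes that merely embed the brand name. The sample message, the `login-verify.example` lookalike host, and the set of domains treated as legitimate are all assumptions made for the demonstration.

```python
import re
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample of a forwarded phishing mail (not a real message).
# The anchor text shows facebook.com, but the href goes to an attacker host
# that only *contains* the brand as a subdomain label.
SAMPLE_EML = b"""From: "Facebook Security" <security@fb-login-alerts.example>
To: victim@example.org
Subject: Your account has been locked
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Confirm your identity at http://www.facebook.com.login-verify.example/recover
or visit https://www.facebook.com/help for assistance.

--b1
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Confirm your identity: <a href="http://www.facebook.com.login-verify.example/recover">https://www.facebook.com/</a></p>
<p>Help: <a href="https://www.facebook.com/help">Help Center</a></p>
</body></html>
--b1--
"""

# Assumption: registrable domains the brand actually controls for login.
LEGIT_DOMAINS = {"facebook.com", "fb.com"}

URL_RE = re.compile(r"https?://[^\s<>\"']+")


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs for every <a> in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registrable_domain(host):
    """Naive eTLD+1: last two labels. Good enough for .com/.example here,
    not for multi-label suffixes such as co.uk (use a public-suffix list then)."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def classify_url(url):
    """legitimate: on a brand-owned domain; lookalike: brand name appears in an
    attacker-controlled hostname; unknown: anything else."""
    host = urlsplit(url).hostname or ""
    if registrable_domain(host) in LEGIT_DOMAINS:
        return "legitimate"
    if any(d in host for d in LEGIT_DOMAINS):
        return "lookalike"
    return "unknown"


def triage(raw):
    """Return one finding per link: its URL, verdict, and whether the
    visible anchor text names a different host than the real destination."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []
    html_part = msg.get_body(preferencelist=("html",))
    if html_part is not None:
        parser = LinkExtractor()
        parser.feed(html_part.get_content())
        for href, text in parser.links:
            shown_host = urlsplit(text).hostname if text.startswith("http") else None
            mismatch = shown_host is not None and shown_host != (urlsplit(href).hostname or "")
            findings.append({"url": href, "verdict": classify_url(href), "text_mismatch": mismatch})
    plain_part = msg.get_body(preferencelist=("plain",))
    if plain_part is not None:
        for url in URL_RE.findall(plain_part.get_content()):
            findings.append({"url": url, "verdict": classify_url(url), "text_mismatch": False})
    return findings


def suspect_urls(raw):
    """Deduplicated URLs worth sending to blacklist operators and hosts:
    everything not on a brand-owned domain."""
    return sorted({f["url"] for f in triage(raw) if f["verdict"] != "legitimate"})


if __name__ == "__main__":
    for f in triage(SAMPLE_EML):
        print(f)
    print("report:", suspect_urls(SAMPLE_EML))
```

The text-versus-href mismatch is the single most reliable signal in a forwarded message, because the attacker controls the visible text but must put the real destination in the `href`. The domain check deliberately distinguishes “brand name present somewhere in the hostname” from “brand actually owns the registrable domain”; `www.facebook.com.login-verify.example` passes the first and fails the second, which is exactly the trick the article describes.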


It’s like a game of Whac-a-Mole. Phishers rarely keep a site up for more than a few days, rotating URLs to evade blacklists and takedowns. That’s why Facebook is working with outside groups such as the Anti-Phishing Working Group, a global consortium of tech companies and law enforcement agencies, to track down serial bad actors.

Once Facebook knows who is behind an attack, it will send cease-and-desist letters or file criminal complaints.

Facebook said it is difficult to determine how many attacks its users suffer. It hopes the new email address will help it gauge the extent of the problem.

According to the Anti-Phishing Working Group’s semi-annual report, it’s pretty massive. As of February, the group was tracking 56,859 unique phishing sites. Phishing is the most common method of attack against PCs, according to the latest Security Intelligence Report from Microsoft (MSFT).

Almost half of the phishing attempts that users clicked on targeted social networks such as Facebook, according to the Microsoft report.

Facebook is far from the only Internet company working on a phishing solution. Google (GOOG) has a phishing form users can fill in to report malicious websites. eBay (EBAY) encourages customers to email spoof@ebay.com when they suspect a phishing attack. Twitter maintains a dedicated handle to which users can report accounts set up for phishing.

CNNMoney (New York) First published August 9, 2012: 9:07 AM ET


James F. So