Fake Voting Site Used as Lure for Facebook Phishing Scam

Cybercriminals have come up with a new scheme to trick Facebook users into handing over their credentials. They’ve launched a bogus voting campaign to lure potential victims to a phishing site. According to experts from Symantec, the phishers have set up a bogus voting website where they ask users the question “Who is greater boys or girls?” Once they cast their vote, internauts are asked to log in to their Facebook accounts and say if they’re male or female.

In the final phase of the scheme, victims are told that their vote has been successfully submitted. The voting site is hosted on a domain that looks something like this: http://smartapps[domain name].com. This makes the whole thing look more legitimate.

The counter showing the alleged number of votes for boys and girls is designed to increase. This also makes the rogue application more legitimate-looking. Although it might seem so at first glance, the voting campaign doesn’t have anything to do with Facebook. When users log in, they’re actually handing over their credentials to the cybercriminals.

The scammers are aware of the fact that many Facebook users take part in such games every day without giving it too much thought. It wouldn’t be surprising if this campaign managed to harvest a large number of account credential sets.

More details & screenshot: http://news.softpedia.com/news/Fake-Voting-Site-Used-as-Lure-for-Facebook-Phishing-Scam-436218.shtml