Facebook Phishing Attack Happened To Syrian Activists On The Social Network

Recently, an ongoing Facebook phishing attack on Syrian pro-revolution forums on Facebook has been detected by the researchers from EFF (Electronic Frontier Foundation). The Syrian Facebook users who are trying to remain active in some sense of political awareness use Facebook as their platform for expression. The freedom that they do not get otherwise from the Syrian media is provided by Facebook. Now they are target of a phishing attack on Facebook.


According to ZDNet:

The spamvertised phishing URL hxxp://l0gin1.cixx6.com//photo-php=/426519_333998546633128_33140461 0225855_1082043_158875083/login/facebook/en/?i=1561 is currently returning a 404 Not Found error message. It spreads via postings within Facebook Groups, and also through personal spamvertising courtesy of compromised Facebook accounts.

The excerpt from their message reads:

The screenshot below displays the link in a comment under a pro-revolution video. The phishing link is accompanied by the following text in Arabic: Urgent and critical.. video leaked by security forces and thugs.. the revenge of Assad’s thugs against the free men and women of Baba Amr in captivity and taking turns raping one of the women in captivity by Assad’s dogs.. please spread this.

The campaign had been found to be similar with the previous “Fake YouTube sites target Syrian activists malware” campaign, which was also detected by the EFF. There should be more such cybercrime detection agencies and organizations which can detect localizing of texts, messages and fake websites into native languages which helps in deceiving the intended victims.

There are many phishing campaigns going on Facebook and the social network should also create a team of its own to fight it out. Google is doing a tad better job than Facebook at this as Google’s Safebrowsing detects these phishing sites earlier. Hence, the only advice that EFF could give is to remain alert from both known and unknown sources which can deceive all the same.

When a phishing attack comes, no one knows unless there is safe browsing in place. Facebook should look into the matter and help out the Syrian activists who are trying to in fact use Facebook’s platform in a constructive way of spreading ideas against tyranny.

Leave a Reply