What's an H15 GLITCH?

[Don Jibaro]

JIBAROS USER QUESTION: 

DJ --- What's an H15 GLITCH?  I hope your computer is not damaged.  I do agree Facebook is on the busy side.  I hope we don't lose you.  Not many Puerto Rican's out here in the States to keep us on the up and up on things.  

 
Hola!

JUST LIKE inFACEBOOK and TWEETER...In Hi5, users create an online profile in order to show information such as interests, age and hometown and upload user pictures where users can post comments. Hi5 also allows the user to create personal photo albums and set up a music player in the profile. Users can also send friend requests via e-mail to other users. When a person receives a friend request, he may accept or decline it, or block the user altogether. If the user accepts another user as a friend, the two will be connected directly or in the 1st degree. The user will then appear on the person's friend list and vice-versa.

There's a new phishing campaign targeting the users of the Hi5 social network. The e-mails masquerade as a friend invitation, and the contained link directs the users to a fake login page.

It's no news that identity thieves are using social engineering tactics in order to trick unsuspecting users into handing over their personal information. Such techniques are particularly effective when applied to social networks, where the practice of trusting people added to a friend list with more detailed personal information is rather common.

The latest spam targeting the Hi5 users is no different, in this respect, as J. Legare, malware analyst at SophosLabs Canada, explains. “This phishing campaign could be an attempt to steal login and password information from legitimate hi5.com users, as well as all the information that this login and password can unlock,” he notes.

For an untrained eye, the fake e-mails are hard to differentiate from the legit invitations sent by the users of the social network. They employ the same design and, of course, the picture of a pretty girl is attached  to the deceptive one in order to entice interested men into rushing to accept the alleged friend invitation.

Obviously, adding someone to the list of friends requires user authentication, so one would expect the link included with the invitation to open the Hi5 sign-in and registration page in their browsers. This is where the phishers hope that people are not paying attention, because the page that opens, even if closely resembling the legit one, is hosted on a .vc domain.

I'll be writing more on this...

IN THE next few days!

This is BIG

Peace

DJ

 ~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.

"We played you happy songs, and you weren’t happy, 
so we played you funeral songs..." (Matthew 11:17)

~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.