, 2009-10-19
With the recent attention on SMS spam, let's not forget to be careful on IM, that other favourite medium for spreading social engineered links.
I recently received a message from someone who sent me this link:
Which lead to a website where the user can supposedly view the uploaded photos by entering their MSN log-in credentials:
Yep, more password-stealing madness.
Incidentally, that same website was recently registered on 16 Oct 2009 in China, and shares the same IP as a bunch of other "truth"-type sites: your-lolful-truth.com, face-real-truth.com, face-the-truth.com and joseccmonteiro.your-lolful-truth.com.
---
WebSecurity team post by - Choon Hong
On 19/10/09 At 05:44 AM
