Link Banner

Awas, Facebook Palsu Hadir di Indonesia


VIVAnews – is a social networking site selling in Indonesia. In fact, according to Alexa, is the site most visited by Internet users in the country, on the Google, Yahoo, Blogger, or YouTube.

The high popularity of had been exploited by cyber criminals, or the term cool cyber-criminal. They had built a version of Indonesia site that aims to fraud (phishing). Users who was trapped would deliberately submit information username and password of their accounts to crime.

“If at first glance, the look of this fake site is similar to the original, including the availability of registration for new users. So too with icons, images, title pages and other elements commonly found on the main page of as the recently opened, “said Brama Setyadi, a practitioner of the technology VIVAnews, October 26, 2009.

“The only thing that makes this page different from the address, namely ,” said Brama who initially got these phishing messages in inboks his account.

In the original page, Brama mentioned, the data the user entered login will be sent using the POST method to login.php file in the address “https: / / ‘.

“Just for info, HTTPS (Hypertext Transfer Protocol Secure) is a protocol used to secure the data transmission path by using encryption,” said Brama. “While sending a fake login data to a file in the src-login.php address,” he said.

View original site
Display fake site

“From this fact can be seen that the actual page maker did not submit data for authentication purposes, but only record data in a database login to his,” said Brama.

According to reports some of the victims, information on fake is obtained through message facility, although the phiser not enter into the list of friends. The contents of the news more or less requires that the potential victims to log into to soon because ’s administrative systems within the current user selection stage. While attaching a false address above, was also ordered to continue phiser made messages to 15 other users.

So what happens if the user enters credentials information to this page? After recording the data log in the creator’s page will directly transfer to address the real login. As if the user has one or has not entered your login information.

“You who have already entered your login information at that site, it’s good to change the password that you have ,” said Brama.


{ 0 comments... or add one}

Posting Komentar