VIVAnews – Facebook is a social networking site selling in Indonesia. In fact, according to Alexa, Facebook is the site most visited by Internet users in the country, on the Google, Yahoo, Blogger, or YouTube.
The high popularity of Facebook had been exploited by cyber criminals, or the term cool cyber-criminal. They had built a version of Indonesia Facebook site that aims to fraud (phishing). Users who was trapped would deliberately submit information username and password of their Facebook accounts to crime.
“If at first glance, the look of this fake Facebook site is similar to the original, including the availability of registration for new users. So too with icons, images, title pages and other elements commonly found on the main page of Facebook as the recently opened, “said Brama Setyadi, a practitioner of the technology VIVAnews, October 26, 2009.
“The only thing that makes this page different from the address, namely http://facabook.co.tv/indonesia,” said Brama who initially got these phishing messages in inboks his Facebook account.
In the original Facebook page, Brama mentioned, the data the user entered login will be sent using the POST method to login.php file in the address “https: / / login.facebook.com ‘.
“Just for info, HTTPS (Hypertext Transfer Protocol Secure) is a protocol used to secure the data transmission path by using encryption,” said Brama. “While sending a fake Facebook login data to a file in the src-login.php http://facabook.co.tv address,” he said.
View original Facebook site
Display fake Facebook site
“From this fact can be seen that the actual page maker did not submit data for authentication purposes, but only record data in a database login to his,” said Brama.
According to reports some of the victims, information on fake Facebook is obtained through Facebook message facility, although the phiser not enter into the list of friends. The contents of the news more or less requires that the potential victims to log into facebook to soon because Facebook’s administrative systems within the current user selection stage. While attaching a false address above, was also ordered to continue phiser made messages to 15 other Facebook users.
So what happens if the user enters credentials information to this page? After recording the data log in the creator’s page will directly transfer to address the real Facebook login. As if the user has one or has not entered your login information.
“You who have already entered your login information at that site, it’s good to change the password that you have Facebook,” said Brama.
Sumber: http://indonesia-hits.com/2009/10/29/awas-facebook-palsu-hadir-di-indonesia/