The page below was flagged by Commtouch’s GlobalView URL Filtering as a phishing page yesterday. While we admire the authentic look of the page, there are several pointers that give this away as a phishing site (genuine Facebook login page is provided at the bottom of the post for comparison).
- The very idea – “you must confirm your account to stop this warning” – you don’t need to confirm your account and definitely not for the sole purpose of removing a warning. The genuine Facebook email confirmation process happens as part of the signup – it doesn’t look like this.
- The URL (visible) in the address bar – Sites within the Facebook domain will always end in facebook.com
- It’s not using HTTPS – if you’re filling in such important information it should be transported securely over the Internet. Compare this to the genuine page below.
- The requirement to provide you email password – there are some occasions when you might consider doing this – like sharing your contact list with Facebook or LinkedIn. But here the request is out of place. The phishers would like to compromise your Facebook and your email accounts.
- Choose a security question – this is the sort of step you would go through when signing up. At this stage the information is being phished on the assumption that you might have used one of these security questions at another site
- The broken images – shouldn’t happen on a genuine site – and that “confirm now” button is not in the right place
- It’s missing all that neat Facebook stuff at the bottom – like language choice, the ©, info about badges (whatever those are..), etc.