Phishers create fake FB ID of Kejriwal

Symantec found that the phishing site was hosted on servers based in Lansing, Michigan

Cyber criminals are all geared up to cash on the election fever gripping the nation. Phishers have started to target Indian users by using Arvind Kejriwal and his party Aam Aadmi Party as bait, said a study.

Security solutions and product firm Symantec recently observed a phishing site which spoofs Facebook’s appearance and includes Arvind Kejariwal, the former chief minister of New Delhi and leader of the Aam Aadmi Party. The phishing site was hosted on servers based in Lansing, Michigan in the US.

The phishing site, titled “Unite With Us Against Corruption”, uses a poster of the Aam Aadmi Party along with a fake Facebook “like” button. The site’s background image is a picture of the party’s leader Arvind Kejariwal and his latest Twitter tagline, which states that “Political revolution in India has begun. Bharat jaldi badlega.”

After clicking on the “like” button, users are prompted to input their Facebook login credentials so that they can “like” the Aam Aadmi party page. After the user enters their login credentials, the phishing site redirects the user to an acknowledgment page. The Web page then asks the user to click another “like” button. The email address entered in the previous login page is now displayed on the acknowledgement page. The “like” button is placed beside a fake number that claims to show the amount of likes the party has already gained.

However, the button is just a dummy and does not perform any functions. If users fell victim to the phishing site by entering their personal data, phishers would have successfully stolen their confidential information for identity theft purposes.

Popular events and occasions have always been targeted by cyber criminals to dupe internet user in sharing confidential data.

According to Kaspersky Lab's they are detecting 315,000 new malicious files every day in 2013. This is significantly up from 200,000 of 2012. India ranks 14th in the top 20 countries with the highest risk of computer infection via internet.

In February, social networking sites remained the most popular phishing target in India. Email services were second in the rating of targeted organizations, while Financial and e-pay organisations came third with a slight increase of 1.1 percentage points in their share of phishing attacks, said a note from Kaspersky Lab.

"Spammers are becoming more intelligent in masking their messages under the garb of offering something genuine to the recipients. And once unsuspecting users have clicked or downloaded the email attachment, Trojans are downloaded without the user's knowledge, which are capable of stealing data or even holding the data at ransom (encrypting the data and demanding money to decrypt the data, like CryptoLocker). Internet users in India should start taking their digital security seriously," said Altaf Halde, Managing Director, Kaspersky Lab - South Asia.