Barracuda Labs Warns of OpenID Phishing Attacks
A fake sign-in page is designed to steal victims' user names and passwords.
Barracuda Labs security researchers are warning of a new phishing attack that redirects users to Web pages mimicking OpenID portal pages.
"The emails that kick off the scam appear to come from real estate companies such as Re/Max, with a subject line reading 'Properties for sale,' and a message inviting you to 'kindly check out the new beautiful and cheap properties for sale around your area. Click on the link below,'" writes SecurityNewsDaily's Matt Liebowitz. "The 'link below' is, of course, the problem: Clicking it redirects your browser to a rigged website, which then serves up the fraudulent OpenID sign-in window."
"After the victims enter their credentials and press the Sign In button, the username and password are immediately transferred, in plain text, to a server controlled by the cybercriminals," writes Softpedia's Eduard Kovacs. "To avoid raising suspicion, a redirect then occurs to a legitimate site."
"There are excellent reasons to use OpenID," note Barracuda Labs researchers Dave Michmerhuizen and Luis Chapetti. "Website administrators don’t have to store and care for a password for your account, and you can reduce the number of user accounts and passwords that you manage. The flip side is that if you are going to choose to use an OpenID provider, such as your favorite email account, you need to be very observant and make certain that your credentials are being requested using a secure connection to the provider’s servers."
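The check the researchers describe, that a sign-in form really submits credentials over HTTPS to the provider's own servers, can be automated. The following Python is an added example written for this article; it is not code from Barracuda Labs or from any OpenID provider. The trusted provider domains and the sample page and form URLs are constructed placeholders, and the logic mirrors the two failure modes the article reports: credentials sent in plain text, and credentials sent to a server that is not the provider's.

```python
from urllib.parse import urljoin, urlparse

# Constructed allow-list of identity-provider hosts the user trusts.
# These are placeholders for the example; substitute your real provider's domains.
TRUSTED_PROVIDER_DOMAINS = ("login.example-provider.test", "openid.example-provider.test")


def host_matches(host: str, allowed: str) -> bool:
    """True when host is exactly the allowed domain or a subdomain of it.

    The comparison is done on dot boundaries, so a look-alike such as
    'login.example-provider.test.other.test' (provider name used as a
    subdomain of another site) does not pass.
    """
    host = host.lower().rstrip(".")
    allowed = allowed.lower().rstrip(".")
    return host == allowed or host.endswith("." + allowed)


def check_signin_form(page_url: str, form_action: str) -> dict:
    """Work out where a sign-in form will send the credentials and whether that is safe.

    page_url:    URL of the page that displays the form
    form_action: the form's action attribute (may be relative or empty; an empty
                 action means the browser posts back to page_url)
    Returns the resolved submission URL, a safe flag, and the reasons it failed.
    """
    target = urljoin(page_url, form_action or "")
    parsed = urlparse(target)
    reasons = []

    # Failure mode 1: credentials travel in plain text rather than over TLS.
    if parsed.scheme != "https":
        reasons.append(f"credentials would be sent over {parsed.scheme or 'unknown'}, not https")

    # Failure mode 2: the form posts somewhere other than the provider's servers.
    hostname = parsed.hostname or ""
    if not any(host_matches(hostname, d) for d in TRUSTED_PROVIDER_DOMAINS):
        reasons.append(f"form posts to {hostname!r}, which is not a trusted provider host")

    return {"submit_url": target, "safe": not reasons, "reasons": reasons}


# Constructed sample forms: one genuine provider form and three that a user
# should refuse to fill in.
SAMPLE_FORMS = [
    ("https://login.example-provider.test/signin", "/auth"),
    ("http://listings-rigged.test/openid/", "submit.php"),
    ("https://listings-rigged.test/", "https://login.example-provider.test.listings-rigged.test/x"),
    ("https://login.example-provider.test/", "http://collector.test/post"),
]


def audit_forms(samples=SAMPLE_FORMS) -> list:
    """Run the check over every (page_url, form_action) pair and return the verdicts."""
    return [check_signin_form(page, action) for page, action in samples]


if __name__ == "__main__":
    for verdict in audit_forms():
        status = "OK  " if verdict["safe"] else "WARN"
        print(status, verdict["submit_url"])
        for reason in verdict["reasons"]:
            print("      -", reason)
```

The two conditions are deliberately checked independently: a page can be served over HTTPS and still post the form to a server that is not the provider's, and the host comparison is done on dot boundaries so that the provider's name appearing inside an unrelated domain is not enough to pass.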