A blog reader sends me the following case of phishing that, in addition to stealing passwords and sending spam, redirects to subscription pages by SMS. It all starts with a fake message that is sent from a compromised account:
Hello, I have to tell you something. This message is for you to see only t.
Read the message: http: // [deleted] /? Message = a159fba18027084257
Let me know what you think.
If the user thinks the message is real and clicks on the link, it ends up on a page like the following:
As you can see, the password is requested from the mail, when entering it the attackers can use it to continue spreading the spam. Finally, the victim is redirected to some promotion or subscription page by SMS that allows them to earn money as affiliates:
If you cast, change the password:
Detecting these tricks is easy, because you simply do not have to enter the password in strange places. If you already did, change it as soon as possible since from your account they will be able to send spam messages to all your friends.
Thanks Gustavo for sending it.
See also: If you like this page, give us your password They told your secret, be careful with that site.