Tuenti Phishing – Fake password change

The following is a fake email that is easy to detect in this case thanks to the warning from the Hotmail anti-phishing filter. Still, it is worth commenting on because it is quite well crafted:

Tuenti fake email

The hook is a supposed password change in Tuenti: the message includes a new password and a link to cancel the request and log in as usual. The destination is a fake page that copies Tuenti's design; you have to look carefully at the URL to notice the deception:

False page that steals the password

Unlike other similar attacks, in this case the fake site checks whether the password entered by the victim is correct; that is, not just any data typed into the form is sent to the attacker. The kit includes an application that performs a verification login and displays an error if the password is not the real one:

The fake site checks if the data is correct

The message keeps appearing until the victim enters the correct password, and the victim is then redirected to the actual Tuenti site. This undoubtedly makes the attack much more effective.
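The verification login described above is also visible from the service's side, because the kit's server signs in to many different accounts from a single address. The following detection sketch runs over a constructed login log; it is an added example, not part of the original post, and the log format, the function name `find_relay_sources` and the thresholds are assumptions:

```python
from collections import defaultdict

# Constructed sample login log: (timestamp_s, source_ip, account, outcome).
# IPs come from documentation ranges and the account names are made up.
SAMPLE_LOG = [
    (100, "198.51.100.7", "ana", "fail"),
    (130, "198.51.100.7", "ana", "ok"),
    (200, "198.51.100.7", "luis", "fail"),
    (215, "198.51.100.7", "luis", "fail"),
    (240, "198.51.100.7", "luis", "ok"),
    (300, "198.51.100.7", "marta", "ok"),
    (310, "203.0.113.20", "pedro", "fail"),
    (330, "203.0.113.20", "pedro", "ok"),
    (400, "192.0.2.55", "eva", "ok"),
]


def find_relay_sources(events, min_accounts=3, window_s=3600):
    """Return {ip: [accounts]} for every source IP that logged in
    successfully to at least `min_accounts` distinct accounts within a
    sliding window of `window_s` seconds.

    A phishing kit that verifies each stolen password before accepting it
    produces exactly this pattern. The accounts listed for a flagged IP
    are the ones whose password was confirmed through it, so they are
    the candidates for a forced reset.
    """
    ok_by_ip = defaultdict(list)
    for ts, ip, account, outcome in sorted(events):
        if outcome == "ok":
            ok_by_ip[ip].append((ts, account))

    flagged = {}
    for ip, hits in ok_by_ip.items():
        start = 0
        for end in range(len(hits)):
            # Shrink the window until it spans at most window_s seconds.
            while hits[end][0] - hits[start][0] > window_s:
                start += 1
            accounts = {acct for _, acct in hits[start:end + 1]}
            if len(accounts) >= min_accounts:
                flagged[ip] = sorted(set(flagged.get(ip, [])) | accounts)
    return flagged


if __name__ == "__main__":
    for ip, accounts in find_relay_sources(SAMPLE_LOG).items():
        print(f"{ip}: verified logins for {', '.join(accounts)}")
```

Shared egress addresses (campus or carrier NAT) also log in to many accounts, so `min_accounts` and `window_s` need tuning against normal traffic before a hit is treated as a relay.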

In the email header you can see the origin; I don't think Tuenti is using Russian servers to send messages to its users 🙂

