Insights and Research

Attackers Re-create An Entire Facebook Site For Phishing

Attackers Re-create An Entire Facebook Site For Phishing

Most phishing sites consist of one login page with perhaps a few additional pages. However, I recently stumbled upon a Facebook phishing site which cloned all the facebook pages: About, Developers, Adverting, Sign up, etc. and even in all of the 64 languages the original site offers!

Fake Facebook login page
The domain of the phishing site is fersos.ru. hxxp://www.fersos.ru/ gives an error as you have to access it with hxxp://www.fersos.ru/index.html. The website is remarkably well done; all the controls are the same as Facebook.

Fake Facebook sign up page

There is also another Russian domain hosting the same "clone" of Facebook: baksko.ru.

These sites are not yet listed in Phishtank, and they are not blocked by Google SafeBrowsing.

-- Julien

Get the latest Zscaler blog updates in your inbox

Subscription confirmed. More of the latest from Zscaler, coming your way soon!

By submitting the form, you are agreeing to our privacy policy.