Scammers Using Old Login Pages to Phish Users’ Account Info

Be careful what page you enter your usernames and passwords on, or you might just end up giving your account information away to cybercriminals and identity thieves who are eagerly waiting in the wings with their phishing scams.

Phishing has been around for quite some time. It's basically an exploitation technique where fake forms and log-in pages are made to look like the real thing to get the usernames, passwords, or even credit card information of unsuspecting users.

Some sneaky cybercriminals are launching a new wave of these phishing attacks that target bloggers who are using the Tumblr platform. Instead of using a fake version of the current Tumblr login page, they're deploying the older, retired version of the page instead. Experts have reported that the redirection webpage originates from a server located in Sweden.

It's clever in the sense that users will probably think that Tumblr is reverting to an older version of their homepage, so they won't think twice about entering in their usernames and passwords on the site.

Here's how it spreads: an unknown users adds or follows random bloggers on the platform and sends them a message asking them to follow back with a link to the fake login page. Once a user keys in their information, it's immediately sent to the cybercriminal on the other end and it's only a matter of time before more accounts get compromised.

So here's a quick word of advice: check the URL on your browser before you log on to any websites, and if something feels fishy or doesn't look right, leave the site immediately.

Article by Hazel Chua
Gigadgetry: Cool Gadgets, Tech News, Quirky Devices