MillerSmiles provides its weekly phishing analysis for the week of 22nd May 2010 to 29th May 2010

Attacks on Facebook during weekends are unfortunately becoming a trend. For the third weekend in a row users on Facebook are bombarded with messages on their walls talking about Distracting Beach Babes, Sexiest Video Ever or this latest attack which supposedly is the "Most Hilarious Video ever" shown in the screen shot below.

We predicted that this attack would happen again and unfortunately we were right.

This attack is different from previous weekends as not only do the attackers try to steal your Facebook credentials, what happens after that depends on which country you connect from. Once you click on the link to view the video you are taken to a fake Facebook login page where you are tricked into entering your credentials. The login page look like the real thing except of course if you look at the address bar you can see that you're not on facebook.com. But users can easily be tricked into thinking that they temporarily were logged out of Facebook and to continue they have to login.

Regardless of what you enter in the login form you are then taken to a page on the real Facebook site that asks you to allow the application to access your profile. If you allow that you're taken to a page saying that you need to upload your FLV Player to view the video. Up until this point it's similar to how the two previous attacks have worked, except that this new one also has the phishing component. However, what happens now depends on which country you are connecting from.

If you are coming from a US IP address you are prompted to download the FLV Player, which is detected by 35% of antivirus engines, as can be seen in the screen shot:

However, if you're coming from a UK IP address you're taken to a quiz where they have to answer 10 questions.

Once completed the user then gets the chance to win an iPad! All they have to do is to fill in their address. So instead of tricking the user into installing a malicious file, this time they're after your information in addition to your Facebook credentials from the fake login page.

It's very likely that the behavior is different than the two examples we have described depending on which country you connect from. In our testing we only had the ability to test this attack from the US and UK but regardless of where you are connecting from you shouldn't click on the fake video and never, ever give you Facebook username and password to a website that is not facebook.com. We also recommend you to install Defensio, our free security app for Facebook that will protect your wall from posts like this. You can get it from http://defensio.com

Here's a video explaining this latest attack.

May 28, 2010, Alexandria, Va. – Small business is a vital contributor to job creation in the American
economy, said National Credit Union Administration Chairman Debbie Matz today, as she marked the close of National
Small Business Week.

As the effort to affect interchange legislation continues, CUNA and credit union leagues are encouraging credit union employees and members to contact their congressional representatives over the upcoming memorial day recess.

Legislation that would lift the cap on member business lending for credit unions could see congressional action soon after the Treasury this week said it “could support proposals to increase credit union MBLs provided safety and soundness concerns are addressed” and forwarded its own MBL proposal to the hill.

The Financial Accounting Standards Board this week proposed changes that would, among other things, greatly expand the range of financial instruments that are to be measured at market value, including loans.

A Wisconsin judge Tuesday denied motions that sought to block monoline insurer Ambac Financial Group Inc. from settling with 17 banks holding its securities in a restructuring plan unveiled in March by Wisconsin regulators. Ambac’s troubles had contributed to other-than-temporary-impairment charges at corporate credit unions.

Consumers could lose important card choices if the U.S. Congress allows government intervention in setting interchange fees, and CUNA and Independent Community Bankers of America urged House members to reject interchange provisions in a final financial regulatory reform bill.

A man who held a credit union employee hostage during a robbery attempt and who was shot by police responding to the emergency call was sentenced Wednesday to life in prison without the possibility of parole.