tech2 News Staff

This year there is something different about the elections. That's because candidates have taken the battle to the social media, which has never before been used at such scale for electoral politics.

While candidates are trying to reach to audiences by forming Groups on Facebook and amassing supporters on Twitter, cybercriminals are also leveraging the situation by using politicians as bait. A new report by Symantec reveals how a phishing site has been spoofing Facebook and tricking users to give away their credentials. It does by including an image of Arvind Kejriwal, the ex Delhi CM and the leader of the Aam Aadmi Party, as well as his quotes and images of AAP. The phishing site was found to be hosted out of servers based in Lansing, Michigan in the US.

The fake Facebook is titled ‘Unite With Us Against Corruption’ and embeds a fake “Like” button too. The site’s background shows an image of the Kejriwal and his latest Twitter bio that reads, “Political revolution in India has begun. Bharat jaldi badlega.”

Once the user clicks on the “Like” button, they are prompted to key in their Facebook credentials and 'Like' other pictures, this time of cute babies. Symantec has already seen a similar phishing site with the pictures of a young girl.

The Symantec blog states, “Phishers frequently use the same template to host different applications but this time, they forgot to change the reference to cute baby pictures. After the user enters their login credentials, the phishing site redirects the user to an acknowledgment page. The Web page then asks the user to click another “like” button.”

It then displays the email address entered in the previous login page on the acknowledgement page. The fake ‘Like’ button is just a dummy and does not perform any functions. Phishers successfully steal the victims’ confidential information for identity theft purposes.

Symantec suggests that users always check the URL in the address bar before logging into their account and avoid clicking on just about any link. One should also ensure that the website is “encrypted with an SSL certificate by looking for a picture of a padlock image or the 'https' sign before the URL or the green address bar when entering personal or financial information.” Users should not provide any personal credentials or information as a reply to an email or on a pop-up page, it advises.