Phish in the (Photo)bucket

by educare | 11:15 PM in | comments (0)


by Sarah Calaunan (Fraud Analyst)

Photobucket is, by far, one of the largest photo-sharing sites in the world. It is generally used for personal photographic albums, remote storage of avatars displayed on Internet forums, and storage of videos.

Lots of people may opt to keep their albums private, allow password-protected guest access, or open them up to the public. And now this photo-sharing site is being attacked by phishers.

The login page above looks exactly like the original site that lures the users to enter their user name and password.

Once victims enter their credentials, phishers can use them to obtain full access to victims’ Photobucket accounts, and may use the latter’s albums to insert malicious code.

Image-hosting sites have grown intensely popular and are widely used. A report from McCann released in March of this year has stated that a global volume of 63.2% of all active Internet users visit photo-sharing Web sites on a daily basis.