Facebook: Someone Tried to Lure

Dibawah ini adalah email yang saya dapatkan dari seseorang yang mencoba untuk mendapatkan akun facebook dengan mengirim email seakan-akan dari facebook.

Targetnya adalah pengguna facebook yang memiliki email client dengan pengaturan default, yaitu View as HTML. Sehingga link palsu (http://facebook.com.sitono.net) tidak terlihat. Padahal link facebook yang benar adalah http://facebook.com.

Dengan isi email yang meyakinkan seperti dibawah, maka tanpa sadar pengguna (gaptek html dan email client) akan mengklik tautan yang tersedia. Dan mengikuti perintah-perintah pada website palsu tersebut.

Pengaturan View as Plain Text sangat jarang digunakan. Padahal cukup bermanfaat.

Delivered-To: cencored
Received: by 10.142.90.5 with SMTP id n5cs145214wfb;
Sat, 26 Jun 2010 10:15:05 -0700 (PDT)
Received: by 10.142.117.2 with SMTP id p2mr2965508wfc.209.1277572505544;
Sat, 26 Jun 2010 10:15:05 -0700 (PDT)
Return-Path: 

Received: from m1.dnsix.com (m1.dnsix.com [66.11.225.98])
        by mx.google.com with ESMTP id l6si1192938wfa.144.2010.06.26.10.15.05;
        Sat, 26 Jun 2010 10:15:05 -0700 (PDT)

Received-SPF: neutral (google.com: 66.11.225.98 is neither permitted nor denied by best guess record for domain of anonymous@webxc02s08.ad.aruba.it) client-ip=66.11.225.98;

Authentication-Results: mx.google.com; spf=neutral (google.com: 66.11.225.98 is neither permitted nor denied by best guess record for domain of anonymous@webxc02s08.ad.aruba.it) smtp.mail=anonymous@webxc02s08.ad.aruba.it

Received: from [62.149.158.108] (helo=smtpsmart2.aruba.it)
 by m1.dnsix.com with smtp (Exim 4.63)
 (envelope-from )
 id 1OSYy8-0008P3-Ha
 for cencored; Sat, 26 Jun 2010 10:15:04 -0700

Received: (qmail 2039 invoked by uid 89); 26 Jun 2010 17:15:00 -0000

Received: by simscan 1.2.0 ppid: 1965, pid: 1967, t: 1.1889s
         scanners: clamav: 0.88.4/m:40/d:1945 spam: 3.1.4

X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on
 smtpsmart2.fe.aruba.it
X-Spam-Level: ***
X-Spam-Status: No, score=3.1 required=5.0 tests=BAYES_50,HTML_MIME_NO_HTML_TAG,
 MIME_HTML_ONLY,RDNS_NONE,SPF_FAIL autolearn=disabled version=3.2.5

Received: from unknown (HELO webxc02s08.ad.aruba.it) (62.149.141.29)
  by smtpsmart2.fe.aruba.it with SMTP; 26 Jun 2010 17:14:59 -0000

Received: (qmail 24173 invoked by uid 12241837); 26 Jun 2010 17:14:14 -0000
Date: 26 Jun 2010 17:14:14 -0000
Message-ID: <20100626171414.24172.qmail@webxc02s08.ad.aruba.it>
To: cencored
Subject: Confirmation Security Question
From: The Facebook Team 
Reply-To:

MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 8bit

Since Facebook passwords are case sensitive (FACEbook is not the same as facebook), we recommend copying and pasting the login and password into the appropriate fields. Once logged in, you can change your password from the Settings tab of the Account Settings page.

Please adhere to the following guidelines to help ensure the security of your account in the future.

1. Password Protection: You should select a unique and complex password for your account and keep this entirely to yourself. Be sure that you use a complex string of numbers, letters, and punctuation marks that is at least six characters in length. It should also be different from other passwords you use elsewhere on the internet.

2. Private Browsing: Please make sure that you log out of your Facebook account and quit your browser when you're done using the site. This is especially important when using a public computer or someone else's mobile device. You should also never check the "Remember Me" box when logging in from a public computer, as this will keep you logged in even after you close your browser window.

3. Secure Email: Since anyone who can read your email can probably also access your Facebook account, you should make sure that any email addresses associated with your account are secure. To ensure security, you should change the password for all of your email accounts and make sure that no two are the same. By varying your passwords, you can greatly decrease your account's risk of being compromised in the future.

4. Security Question: If you have not done so already, you should add a security question to your account from the Account Settings page. You should choose a question and answer that you will remember, and no one else should be able to answer the question that you choose.

5. Log in at <a href="http://facebook.com.sitono.net/">www.facebook.com</a>: Make sure that when you access the site, you always log in from a legitimate Facebook page with the <a href="http://facebook.com.sitono.net/">www.facebook.com</a> domain. Do not click any unfamiliar links and do not run any executable files (files ending in .exe) on your computer without knowing what they are. If something looks or feels suspicious, go directly to <a href="http://facebook.com.sitono.net/">www.facebook.com</a> to log in.

</info+yasabaa@support.facebook.com></anonymous@webxc02s08.ad.aruba.it></anonymous@webxc02s08.ad.aruba.it></pre>

<pre id="line66">6. Run Anti-Virus Software: If your computer has been infected with a virus or with malware, you will need to run anti-virus software to remove these harmful programs and keep your information secure.

if you want to continue this message, please click here <a href="http://facebook.com.sitono.net/">http://www.facebook.com</a> if you ignore this message we assume you have withdrawn from facebook.

Thanks for contacting Facebook.

Sincerely,

Scotty
User Operations
<a href="http://facebook.com.sitono.net/">Facebook</a>