
Beware: “Facebook” Phishing Sites on Tor!


I know, I know! I said I was leaving the dark web, but there was a subject I’d been meaning to talk about and never did.  Specifically, there are a ridiculous number of phishing sites on Tor (and on the web in general).

For those who are unfamiliar with the concept, they look almost exactly like a site you would normally use, but are designed to steal your login credentials and such.  Most dark web users seem to be aware of this, but newcomers often fall for the fake sites.

Since Facebook announced its Tor-friendly URL (https://facebookcorewwwi.onion) at the end of 2014, many users likely flocked to the Tor network to try to use it with some degree of anonymity.

During my research on the Tor network, I was using a search engine called VisiTOR, and came across this link: Facebook phishing link.

At least I’m 99.9% sure that’s what it is – please don’t enter any personal information into that page!!!  As I said before, it looks almost exactly like the real one (with some minor differences), but as far as I know, there are no other official Facebook .onion URLs, so I wouldn’t trust it!  (Heck, some people don’t even trust the real one!)  

It’s not uncommon to come across clone sites of many other pages on Tor – the same thing happens with many of the marketplaces, social sites, forums, etc.  This is why so many of them have a message that says: “Make sure you’re using the real [insert site name here].”   Believe it or not, this is why I’ve attempted to memorize the URLs of some of the Tor sites (and succeeded, on occasion).  They sure don’t make it easy, though.  Could you memorize a URL like “mhpcpptjshjgdierfio.onion”?  I understand that this is because onion addresses are usually made of a base32 string of the first 80 bits of the SHA1 hash of the server’s private key, but it’s still tough on us humans. (Yes, that was English.)

I almost fell victim to something like this back in the good ol’ days of AOL (around 1993).  Someone had sent me a fake “AOL InstaKiss” email, which claimed that you had to enter your screen name and password:

[Image: INSTAKISS2.png]

Being that this was the 90’s, I fell for it and actually did so (because I was a net n00b) but realized my mistake soon after, and immediately changed my login info – so nothing happened.

Anyhow, I basically just wanted to warn Tor users who weren’t aware of this problem.  On the plus side, the real Facebook onion URL is pretty easy to memorize, unlike many of the other Tor sites.  So, in theory, you would be less likely to fall for a phishing attack.

Be careful, and use common sense.  Always verify that a site you’re using is the real one (whether on the clearnet or the dark web), particularly if it’s one that requires login credentials.  And if anything looks suspicious, it probably is!!
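Instead of memorizing addresses, the check can be automated. The sketch below is an added example, not code from this blog or from the Tor Project: it derives a 16-character (v2) address the way described earlier (base32 of the first 80 bits of a SHA-1 hash, which in Tor's v2 scheme is taken over the service's DER-encoded RSA public key) and compares a URL against a pinned list. The function names, the `PINNED` table and the six-character prefix threshold are assumptions made for illustration.

```python
import base64
import hashlib
import os.path
import re
from urllib.parse import urlsplit

# Address quoted in the post; keep your own pins from a source you trust.
PINNED = {"facebookcorewwwi.onion": "Facebook"}
V2_LABEL = re.compile(r"^[a-z2-7]{16}$")  # 80 bits -> 16 base32 characters


def v2_onion_address(public_key_der: bytes) -> str:
    """Base32 of the first 80 bits (10 bytes) of SHA-1 over the key bytes."""
    digest = hashlib.sha1(public_key_der).digest()
    return base64.b32encode(digest[:10]).decode("ascii").lower() + ".onion"


def onion_host(url: str):
    """Return '<label>.onion' for an onion URL, or None for anything else.

    Only the label directly before '.onion' identifies the service, so
    'www.<label>.onion' and '<label>.onion' are treated as the same site.
    """
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    labels = host.split(".")
    if len(labels) < 2 or labels[-1] != "onion":
        return None
    return labels[-2] + ".onion"


def check(url: str, min_prefix: int = 6) -> str:
    """Classify a URL as pinned, lookalike, malformed, unknown or not-onion."""
    host = onion_host(url)
    if host is None:
        return "not-onion"
    if host in PINNED:
        return "pinned"
    if not V2_LABEL.match(host[: -len(".onion")]):
        return "malformed"
    for good in PINNED:
        # A long shared prefix with a pinned address deserves a second look.
        if len(os.path.commonprefix([host, good])) >= min_prefix:
            return "lookalike"
    return "unknown"
```

`check("https://www.facebookcorewwwi.onion/")` returns `pinned`; any other well-formed address that shares six or more leading characters with a pin returns `lookalike`.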


About secretsofthedark

Have you heard of the dark web? Simply put, it's the "hidden internet" built on networks like Tor. "Secrets of the Dark" chronicles my dark web experiences, but is also aimed at demythologizing it and teaching about it. Want to reproduce one of the "horror stories"? Contact me at ciphas@protonmail.com.

One response to “Beware: “Facebook” Phishing Sites on Tor!”

  1. Matrix ⋅

    New and Fresh Onion Links Everyday! Nov. 2016. Matrix Directory-
    http://matrixdirectory.torpress2sarn7xw.onion/
