An American computer security company has come across a phishing website carrying a fake Facebook page showing Aam Aadmi Party leader Arvind Kejriwal.
The phishing site called, “Unite With Us Against Corruption”, uses a poster of the Aam Aadmi Party along with a fake Facebook “like” button.
The fake “like” button is a dummy and does not perform any function. Kejriwal is used as bait.
Phishers uses the website to steal the victims’ confidential information for identity theft purposes.
The phishing site’s background image is a picture of Kejriwal and his latest Twitter tagline - “Political revolution in India has begun. Bharat jaldi badlega (India will change soon).”
US-based Symantec says that after clicking the “like” button, the users are prompted to punch in their Facebook login credentials so that they can “like” the Aam Aadmi Party page.
The phishers also use a misleading login prompt. Instead of mentioning the AAP, the page tells users to log in with their Facebook details to “like” cute baby pictures. Symantec said that it has already seen a similar phishing site that used a picture of a young girl.
“Phishers frequently use the same template to host different applications but this time, they forgot to change the reference to cute baby pictures. After the user enters their login credentials, the phishing site redirects the user to an acknowledgment page.
The Web page then asks the user to click another “like” button,” Symantec's blog says. It then displays the email address entered in the previous login page on the acknowledgement page.
Symantec suggests internet users to check the URL in the address bar before logging into their account. It also recommends not to click on suspicious links in email messages and enter personal information in a pop-up page or window.
The website says users should also ensure that the website is “encrypted with an SSL certificate by looking for a picture of a padlock image or icon, “https”, or the green address bar when entering personal or financial information”.
AAP IT cell head Ankit Lal said that it was a malicious attempt to destroy his party’s image.
“We always try to weed out, indentify or report such phishing sites. People should not trust anything that is not on the offical website of the party,” he added. AAP IT cell chief also said that AAP would inform the party supporters about the phishing sites.