Filipinos warned against malicious online holiday greetings

enablePagination: false
maxItemsPerPage: 10
totalITemsFound:
maxPaginationLinks: 10
maxPossiblePages:
startIndex:
endIndex:

Metro Manila (CNN Philippines, December 30) — Have you received a notification that a long-lost relative or an acquaintance you've met years ago sent you a holiday greeting? You might want to be extra careful in opening that message.

A cybersecurity nonprofit firm from the Philippines warned the public against malicious and fraudulent Christmas and New Year greetings sent through social messenger apps, such as Facebook Messenger. Several netizens have shared receiving notifications of a mail icon with the caption "I am send you a surprise message. Open this."

Cyber Security Philippines - Computer Emergency Response Team (CERT) explained in four steps how the cyber attack is carried out.

It said the victim receives a greeting notification via messenger apps and once it is clicked, the victim is redirected to different unsecured websites. When they are redirected, they will be bombarded with holiday

greetings. The victim will be asked to input personal data on the unsecured site without knowing that a "malicious" file is running in the background.

The malicious script then accesses the victim's credentials then sends the same message to their other contacts.

CSP-CERT said the following websites are considered malicious:

wish-you(dot)co

wish4u(dot)co

my-msg(dot)co

look-me(dot)co

surprise4u(dot)me

hookupgist(dot)com

see-magic(dot)co

mera-style(dot).co

whatsapp-style(dot)co

my-love(dot)co

The cybersecurity group advised those who have accidentally or unwittingly clicked on the links to change the passwords of their social media accounts and online banking accounts. They also said the users should reset their browsers and update their anti-malware and scan their device.