Log in

No account? Create an account
01 December 2011 @ 03:23 pm
CSRF/Phishing attack  
Originally posted by markf at CSRF/Phishing attack
There is currently a CSRF designed to mislead you into believing LiveJournal is requesting your username and password, when the data is actually being requested by a third party who is trying to gain access to your account.

The attack will appear as though someone has left you a comment, but an image similar to the following will appear requesting your password:


The domain used, liv i ejournal.com, is not livejournal.com, and you should not enter your password into any popup like this which appears.  The domain used by the attacker could change at any time.

If you have entered your username and password into any popup like this, you should immediately change your password at https://www.livejournal.com/changepassword.bml.

If any content has been deleted from your journal by someone other than you, please submit an abuse request.
Tags: ,
Teri Smithkitchenqueen on December 1st, 2011 10:58 pm (UTC)
This is when proper spelling and grammar become important. I caught the Live i journal thing right away.