No comeback: DICT warns revived Friendster site is a possible phishing scam
The Philippines National Computer Emergency Response Team (CERT) of the Department of Information and Communications Technology (DICT) issued a warning about the revived Friendster site that made the rounds on social media, saying that it could have been possibly used for phishing.
On Nov. 26, netizens were buzzing over the potential comeback of the OG social platform as a new website with the domain "friendster.click" went live. However, Friendster has not made any official announcement about a new platform. The site shut down in 2015, after becoming a social gaming site in 2011.
"Beware of possible 'Friendster' phishing site," the DICT said. "Stunner, a page from Facebook, posted about Friendster being back on social media. Thousands of people have already signed up for the 'new' Friendster. However, CERT-PH has assessed that the said website is possibly used for phishing."
Phishing is a cybersecurity attack in which someone poses as a legitimate institution to lure individuals to provide sensitive data like banking and credit card details, passwords, and other personal information.
Upon initial investigation by the agency, they found the IP address hosting the site had previous reports about phishing, brute force, DDoS attacks, hacking, and host exploitations. The ".click" top-level domain also raised suspicions—most use ".com" as it represents the commercial intent of a website.
The so-called Friendster site also uses WordPress for its main service, which is not typically used for social networking platforms since it is a content management system, said CERT-PH.
The site also suspiciously lacked an "About Us" page which usually gives visitors information about who developed the site.
CERT-PH recommended netizens of the following digital safety practices:
- Do NOT click on suspicious links to avoid future potential threats.
- Do NOT register to this website because your date might be compromised.
- Provide and capacitate employees with cybersecurity knowledge and information to minimize threats.