OUCH… I just got an update on Facebook from a friend asking what I was doing in a video they saw. I clicked on the link and discovered I needed to log in to Facebook again… Huh, that’s odd, I thought, as my fingers quickly leveraged muscle memory and banged out my username and password again. And just when my pinky was pressing the enter key, that voice in my head went off and I realized I hadn’t checked the URL on the link. Sure enough, the site I had just logged into was NOT Facebook.com, even though it looked just like Facebook. Crisis mode…
I quickly jumped back into my REAL Facebook account and checked who else had received my friend’s “message”. Sure enough, the same message was being posted to every one of her friends, obviously through an automated worm, which I had probably just picked up. Groovy… I just fell victim to a classic phishing attack.
How did this happen and how can you stop this from happening to you?
Here’s the post I got on my wall. As you can see, it looks like an app.facebook.com link, but it redirects you to an outside site that asks you to log in so it can harvest Facebook accounts. They did a good job with this one (unfortunately): the page itself might look exactly like Facebook, but the URL in the address bar is not Facebook’s, and the login form is there only to collect your username and password. Yup, a typical phishing con.
I got a post on my wall that looks like this, what should I do?
First things first: DO NOT follow this link. If you see this message or anything close to it, simply delete the post so no one else will click it either. Next, call, text, or email the person you got it from to let them know their account has been compromised. Use a channel other than Facebook itself, since whoever has their password may be reading their messages. It’s important to let them know, because they’ll need to get rid of the culprit. You can direct them here to find out how in the next step.
My account is sending out posts to all my friends, what can I do?
Step 1 – Login to your Facebook account and go to Account > Application Settings
Step 2 – Confirm you have the following two applications:
- coma estas
- Veoh Videos
Step 3 – Click the little x on the right side of each of those applications to remove both of them.
Once you delete those two applications, the automatic updates/posts should stop right away. I also highly recommend you change your password immediately, since they collected it earlier, and if you use that same password anywhere else (email, other sites), change it there too, because a harvested Facebook password will be tried against other accounts.
These types of things will most likely get worse in the future, so we need to always be aware of what we’re agreeing to or signing up for when allowing applications to access our Facebook account. In this case, the worm appears to be interested only in spreading itself (plus the passwords it harvests along the way), but just imagine if it had been something REALLY nasty… Hopefully, it wasn’t…
So, be smart on the web. Don’t do what I just did: check the URL before clicking on a link, and check the address bar again before you type a password, because a page that looks like Facebook is not Facebook unless the site you are actually on is Facebook.com. We always want to be certain that we’re giving our information to the correct place, because the last thing we want is our user IDs and passwords floating around in a hacker’s database! Yeah, not groovy!
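Here is an added example, not part of the original post, of the “check the URL” habit written down as code. It takes the kind of link described earlier (one that looks like an app.facebook.com link but sends you somewhere else) and answers the only question that matters before you type a password: what host name is the browser really going to? The trusted-domain list and every sample link are assumptions constructed for illustration; the host names ending in .example are not real sites.

```python
"""
Added example (not from the original post): decide whether a link really
points at Facebook before you hand it a password.

Browsers only connect to the host name, so the host name is what we compare.
The trusted-domain list below is an assumption (the real site and its
subdomains, e.g. apps.facebook.com). Every sample link is constructed.
"""
from urllib.parse import urlsplit

# Hosts we are willing to type a Facebook password into (assumption).
TRUSTED_DOMAINS = ("facebook.com",)


def registrable_host(url):
    """Return the lowercase host the browser would actually connect to,
    or None if the URL has no usable web host (e.g. a 'javascript:' link)."""
    parts = urlsplit(url.strip())
    if parts.scheme.lower() not in ("http", "https"):
        return None
    # .hostname drops userinfo ('facebook.com@evil.example') and the port,
    # so the trick of putting a trusted name before '@' does not fool us.
    host = parts.hostname
    if not host:
        return None
    return host.rstrip(".").lower()


def is_trusted_login_url(url):
    """True only if the host IS a trusted domain or one of its subdomains.

    'apps.facebook.com.evil.example' is NOT trusted: the trusted name must be
    the whole host, or be preceded by a dot and end the host.
    """
    host = registrable_host(url)
    if host is None:
        return False
    for domain in TRUSTED_DOMAINS:
        if host == domain or host.endswith("." + domain):
            return True
    return False


def explain(url):
    """Human-readable verdict for a quick eyeball check of a link."""
    host = registrable_host(url)
    if host is None:
        return "NO HOST: %s" % url
    verdict = "OK" if is_trusted_login_url(url) else "NOT FACEBOOK"
    return "%s (host=%s): %s" % (verdict, host, url)


# Constructed sample links: the first two are legitimate, the rest imitate
# the tricks a phishing post uses to look like Facebook.
SAMPLE_LINKS = [
    "http://apps.facebook.com/someapp/video?id=123",
    "https://www.facebook.com/login.php",
    "http://apps.facebook.com.video-host.example/login",  # trusted name as prefix
    "http://facebook.com@video-host.example/login",       # userinfo trick
    "http://video-host.example/apps.facebook.com/login",  # trusted name in the path
    "http://faceb00k.com/login",                          # lookalike spelling
    "http://evilfacebook.com/login",                      # suffix without the dot
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(explain(link))
```

Two caveats apply when you use a check like this by hand. First, compare the address bar after any redirects, not the text of the link in the post: the post can display one thing and send you to another. Second, a host-name check cannot tell you whether the trusted site itself has been compromised, and it does not catch Unicode look-alike characters in international domain names; it only removes the cheap tricks, which is exactly what this worm relied on.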