Tag Archives: Phishing

Facebook phishing scam detailed.

Recently, I got a report of someone having their Facebook status changed to this:

“Hey, your profile image is featured on ubzcode.com”

The same message was written on all of the person’s friends walls…… and, hopefully, her friends were suspicious enough not to follow the link!

My Status Message Is Changed / People Tell Me I am Posting Weird Things On Their Walls!

After a little poking around, I found this blog posting (as well as this one) with some additional details.  Essentially, this is something called a “phishing scam”. Even if you have STRONG AntiVirus protection, it may not help you against a phishing attack (although some of the better A/V programs and internet browsers are starting to take counter-measures). The reason? Phishing is the electronic equivalent to a con game — and tricking you into giving out their private information (login names, passwords, credit card information) to the bad guys is their goal.

How They Do It

Sometimes, the “bad guys” use a phony version of a legitimate website or set up a phony website designed to look like a legitimate service. Sometimes, they’ll trick you into disclosing your password with a fake Facebook application or with an email from “The Security Department”. You get the idea — Regardless of how they ask, you’ll probably know that you are being phished when you get that funny feeling that something isn’t right when you are being asked.

Listen to that feeling, m’kay? 😉

What Should I Do If I Think My Facebook Account Has Been Phished?

The list below is geared towards Facebook, but the principles are the same no matter which account of yours has been phished:

  1. Make sure you have the latest version of whatever your AntiVirus software is…. Norton Antivirus 2010 and McAfee AntiVirus Plus are the perennial choices, but companies like Avast! are making some great free alternatives that are worth considering as well!
  2. If you see your Facebook status changed without your knowledge, you should immediately change your password — and change it everywhere you’ve used it!Once they get your login information, Spammers and Hackers will often try it out on all of the popular email services and websites. Programs like 1Password can help you come up with and manage strong passwords that the bad guys will have a very hard time guessing.
  3. Notify your friends to be especially cautious of clicking on links sent from your account for a while.  Many people skip this step out of embarrassment — don’t be one of them!

It’s also a good idea to check out the Facebook Security Resources page — lots of good information, on-line virus scanners, etc.