Symantec researchers recently found that cybercriminals had set up a phishing site offering a Facebook app that allegedly protects your account from hackers. The irony in this scam, of course, is not only the fact that it sets user accounts up for hijacking, but the fact that it’s so poorly carried out.
While the scammers did put effort into spoofing the Facebook site design, the phishing page is hosted on a free web-hosting site and for some reason has an image of a fake Facebook stock certificate at the bottom of it.
To install the app, users must provide their Facebook login information and then enter a confirmation code, which researchers found is always “7710.” After entering the requested information, users will see a confirmation page that thanks them for “using this service” and states that their Facebook account will be secure in 24 hours.
That should be plenty of time for the scammer to login and take over their Facebook account.
Protecting Your Facebook Account
If security is a concern, users can keep their Facebook account safe from hackers by following these safety tips:
- Use a unique, strong password for their account. (Don’t share your password either!)
- Enable secure browsing (https) on their Facebook profile. (Why?)
- Enable login notifications, text message notifications & login approvals under Facebook’s security settings.
- Use Facebook’s App Center to find and install Facebook apps.
- Always check the URL before entering Facebook login credentials.
- Exercise caution when checking email (no clicking links or downloading files attached to unsolicited emails) and surfing the web.
- Keep your operating system & antivirus current to minimize the chances of malware infecting your machine.
Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+