Warning!
If this link has been pasted on your wall, please change your password right away because your account password may have been hacked. A friend has placed this warning on your wall to help protect you and your friends. Pasting this link on your friends’ wall will help protect them from a common Facebook hack. Knowledge is power. To paste this link on your wall or a friends wall, simply copy and paste the URL from your browser. Visit your page or friends page and post it on the wall).
Read on to learn how to protect yourself!
The Facebook hack starts with Wall Post.
Step 1: A link is placed on your wall. This link is usually fairly inconspicuous except that it usually has a very tempting call to action. It usually says that there are silly pictures or video of you somewhere. Of course you want to click through to see what it is. Or disprove that it’s you. Or to assess what damage you have done in the pub in public last night.
In reality, there is no picture or video of you. They are just tempting you to follow their link.
If you take a look at the post at the right, it shows an example of a link I found on my wall.
An evil Web page posing as facebook!
Step 2: If you follow the link, you will be presented with a page that looks like Facebook. But it’s not Facebook.
Take a look at the real life example at the right.
It looks and feels like facebook. You might be surprised that for some reason you need to log in again. Many people don’t notice this as computer systems ask you to log in again at times.
The reality is that this is not Facebook! It is just a page that looks like Facebook!
Step 3: The victim (possibly you or one of your friends) enters their Facebook email and password. Jackpot! The thieves now have your log in credentials for Facebook!
Step 4: The thieves now use your login information to log into your Facebook account! If they are nasty people they may change your password and you will never get back into that account!
Typically the thieves will get into your account and post the link from step 1 on your friends pages.
Then the cycle repeats.
To make matters worse, the thieves may have a Web robot which logs into your account and posts the links automatically. With this automation some people may refer to this exploit as a virus.
So please make sure you are actually at the Facebook site before you log in! Always check the URL or Web address before typing your password.
This tactic is known as phishing. It is often used to get your email password or even your bank password!
Be careful!
Here’s what it looks like in real life. This example is from an actual case!
There is another thing to be wary of. Some Web sites have like buttons (this site for instance). The idea is that you click the button and then a link to the site is added to your facebook.
But some sites try to fool you. You think you are clicking a link on their site but it’s placing the link in your facebook. Or they run a script that does it upon visiting a site and you don’t even have to click anything.
If that happens, then mark the post on your facebook page as spam.
Thanks for your comment Jay.
But keep in mind this article is to help people understand how to not have their password phished.
The simplest solution is to not place real information on social networking sites. Never add real phone numbers, addresses (physical or email), birthdates, or traceable names on FB. Even if you don’t get hacked – all FB does with your information is SELL IT.