Scam Alert From Naked Security: Miley Cyrus sex tape is bait for Facebook phishing



From http://nakedsecurity.sophos.com

Watch out for messages like the following which are popping up on Facebook:

Omg Miley Cyrus sex tape http://www.facebook.com/l.php?u=%5BLINK%5D

They are, in fact, leading users to a phishing website which hopes that you’ll be so excited about the prospect of seeing a sex tape of the Hannah Montana singing sensation that you won’t notice that you’re being asked to log in to a rudimentary fake copy of Facebook’s front page:
[Image: Facebook phishing website]
We all like to think that we’re too smart to fall for a trick like this, but the truth is that you only need to be careless once for the hackers to be successful.
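An added example (not from the original article): an offline check that unwraps a `facebook.com/l.php?u=` link like the one in the message above and reports whether the real destination is Facebook. The sample URLs and the `.example` hostname are constructed, and treating only `facebook.com` as genuine is an assumption.

```python
from urllib.parse import urlsplit, parse_qs

FACEBOOK_DOMAINS = ("facebook.com",)  # assumption: the only domain treated as genuine
MAX_HOPS = 5  # stop unwrapping nested redirector links after this many layers


def is_facebook_host(host):
    """True only for facebook.com itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    # Match on a dot boundary so "notfacebook.com" and
    # "facebook.com.login.example" are not mistaken for Facebook.
    return any(host == d or host.endswith("." + d) for d in FACEBOOK_DOMAINS)


def unwrap_redirect(url):
    """Peel l.php?u=... wrappers without any network access."""
    for _ in range(MAX_HOPS):
        parts = urlsplit(url)
        if not (is_facebook_host(parts.hostname) and parts.path == "/l.php"):
            return url
        targets = parse_qs(parts.query).get("u")
        if not targets:
            return url  # redirector link with no target: nothing to unwrap
        url = targets[0]  # parse_qs has already percent-decoded the value
    return url


def assess_link(url):
    """Return (final_url, verdict) for a link seen in a wall post."""
    final = unwrap_redirect(url)
    parts = urlsplit(final)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return final, "unparseable"
    if is_facebook_host(parts.hostname):
        return final, "facebook"
    return final, "external"


if __name__ == "__main__":
    # Constructed sample links; the second is the placeholder link from the article.
    samples = [
        "http://www.facebook.com/l.php?u=http%3A%2F%2Ffacebook.com.login.example%2Findex.php",
        "http://www.facebook.com/l.php?u=%5BLINK%5D",
        "https://www.facebook.com/photo.php?id=1",
    ]
    for link in samples:
        print(assess_link(link))
```

A login form reached through a link that resolves to "external" is not Facebook's, however closely the page imitates it.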
Identity thieves are keen to gain control of your social networking accounts – as they can use them to steal information about you, trick others into scams, and spread spam and malware campaigns from your account.
At least some of the messages appear to have been posted from legitimate Facebook users’ accounts, but it isn’t yet clear how those accounts were compromised. If you find your Facebook account has been posting messages unexpectedly about a Miley Cyrus sex tape, change your password, revoke the rights of any unknown applications to access your profile, and ensure that all references to the sex video are removed from your news feed.
What’s interesting is that this latest wave of spam messages says they were posted “via Email”.
That’s the facility Facebook supplies to post status updates to your Facebook page remotely, just by sending an email to a unique address (every Facebook account has a specific email address for this purpose).
[Image: Upload email]
It’s possible that the facility has been compromised, and spammers have found a way to update users’ statuses by sending an email message directly to their Facebook walls.
