I received this from TrendMicro's Blog feed today:
It would be easy to think that once someone has logged in successfully to Facebook—and not a phishing site—that the security threat is largely gone. However, that’s not quite the case, as we’ve seen before.
Earlier this week, however, Trend Micro researcher Rik Ferguson found at least two—if not more—malicious applications on Facebook. (These were the Posts and Stream applications.) They were used for a phishing attack that sent users to a known phishing domain, with a page claiming that users need to enter their login credentials to use the application. The messages appear as notifications in a target user’s legitimate Facebook profile, as shown below. The links to the malicious site are highlighted:
Figure 1. Facebook notifications page
After entering the credentials, users would then be redirected to Facebook itself. (The posts detailing these findings can be found at the Counter Measures blog; the initial report is here and a follow-up was posted here.)
While Trend Micro has informed Facebook of these findings, users should still exercise caution when entering login credentials. They should be doubly sure that these are being entered into legitimate sites, and not carefully crafted phishing sites. The particular site involved in this phishing attack is already blocked by the Smart Protection Network.
Image credits: thanks to Rik Ferguson, Countermeasures blog.
Post from: TrendLabs Malware Blog - by Trend MicroFacebook Applications Used For Phishing
View article...
Contact a professional to help you:
Computer Repair Lakeland, FL
Computer Repair Lakeland Florida. Computer Network Lakeland Florida. www.MyComputerGirl.com
Computer Repair Tips for everyday users
Before you attempt to do anything mentioned here or elsewhere, please remember to always back up your data.
ALL CONTENT ON THIS WEB SITE IS PROVIDED TO YOU ON AN "AS IS" "AS AVAILABLE" BASIS WITHOUT WARRANTY OF ANY KIND EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, ACCURACY, AND NON-INFRINGEMENT.
Call (863) 521-1079
ALL CONTENT ON THIS WEB SITE IS PROVIDED TO YOU ON AN "AS IS" "AS AVAILABLE" BASIS WITHOUT WARRANTY OF ANY KIND EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, ACCURACY, AND NON-INFRINGEMENT.
Call (863) 521-1079