FaceBook Hack Reveals Trend in Targeting Social Networks

Attacking social networking websites is becoming more common all the time. My guess is that they are being leveraged by criminals, who are after the vast amount of personal information people willingly put up on these sites.

For the past couple of weeks, the ongoing attack on FaceBook has figured prominently in the media. The attack isn't much different from others we've seen in recent years: the aim is to take over a user account and then use it to trick people into falling for a scam. In this instance, a phishy link is being used to direct the effort.

The intended victim receives a communication from someone they know (who has already been compromised), which directs them to a page that appears to be a FaceBook login. They are then prompted to put in their user name and password. If they do, their information is stolen and will be used to trick even more people into doing the same thing.

Stealing user accounts on eBay has been a problem for years. On eBay, it is a means of using an established seller's credentials to trick people into thinking they are dealing with a "trusted seller." The only difference here is that instead of selling bogus or non-existent merchandise, the intent on FaceBook is probably to trick people into giving up personal or financial information.

This information can then be used to commit financial crimes, using the victim’s identity.

I found some information about the FaceBook attack on Symantec's Security Response blog. Thus far, according to the research conducted on this at their lab, no computers have been infected.

According to Marian Merritt at Symantec, the danger of giving up your FaceBook credentials might go beyond having your account compromised. She believes the hackers behind this are looking to compromise other accounts, where you might use the same credentials. I read some other articles on this and thus far this seems to be the consensus of why the attack is occurring, but no one seems to know for sure.

Whether or not this is the intent, the advice given in the post is worth considering when dealing with the multiple accounts a lot of us have.

First and foremost, you should pay attention to the address in the bar at the top of your page. If it is not exactly the address of the legitimate site, you are probably being tricked into thinking that it is. For instance, www.faceboot.com is not www.facebook.com. Even better, if you spot a suspicious link, hover your mouse over it (without clicking on it) and the actual address will appear at the bottom left-hand corner of the page. Entering the legitimate address in your address bar is always smarter than clicking on a link, too.
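
The address checks described above, written out as an added example (not code from the article or from Symantec's post): it compares where a link really points against a short list of hosts you trust, flags near-misses such as www.faceboot.com, and flags link text that names a trusted site while the target is elsewhere. The allowlist, the function names and the example.net link are assumptions constructed for illustration.

```javascript
// Assumption: the hosts this user treats as the legitimate site.
const TRUSTED_HOSTS = ["www.facebook.com", "facebook.com"];

// Levenshtein edit distance, computed one row at a time.
function editDistance(a, b) {
  const row = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    let diag = row[0]; // value of d[i-1][j-1]
    row[0] = i;
    for (let j = 1; j <= b.length; j++) {
      const up = row[j]; // value of d[i-1][j]
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      row[j] = Math.min(up + 1, row[j - 1] + 1, diag + cost);
      diag = up;
    }
  }
  return row[b.length];
}

// The host a link really points to (what hovering reveals), or null
// when the href is not a parseable http(s) URL.
function actualHost(href) {
  try {
    const u = new URL(href);
    const web = u.protocol === "http:" || u.protocol === "https:";
    return web ? u.hostname.toLowerCase() : null;
  } catch {
    return null;
  }
}

// Classify a link from its visible text and its real target.
function checkLink(displayText, href, trusted = TRUSTED_HOSTS) {
  const host = actualHost(href);
  if (host === null) return { host, verdict: "unparseable" };
  // "Exactly the address of the legitimate site" means an exact host match.
  if (trusted.includes(host)) return { host, verdict: "exact-match" };
  // One or two characters off a trusted host: treat as a lookalike.
  const near = trusted.find((t) => editDistance(host, t) <= 2);
  if (near) return { host, verdict: "lookalike", resembles: near };
  // Link text names a trusted host but the target is somewhere else.
  const text = displayText.toLowerCase();
  const claimed = trusted.find((t) => text.includes(t));
  if (claimed) return { host, verdict: "text-target-mismatch", resembles: claimed };
  return { host, verdict: "not-trusted" };
}
```

Only the "exact-match" verdict means the address is the one you trust; every other verdict is a reason to type the legitimate address yourself rather than follow the link.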

Article Author: Ed Dickson

Having worked around financial crimes for a number of years, I noticed they seemed to be on the rise. One reason for this is technology, which grows more rapidly than laws designed to protect us from it. …

Article comments

  • 1 - Jeannie Danna

    May 22, 2009 at 7:06 am

    Ed, I had my essays stolen word for word over at WordPress. They advised me to file a DMCA against the scraper site Demo-research-politics.com hosted at The Planet. I filed one and Akismet contacted me saying they had disabled their link. I ask why couldn't WP disable it? Needless to say I like it over here at BC! Except for a handful of family and readers my little blog is full of cobwebs. I won't even write there anymore so I have to figure out how to get my material out of there. Would this be of interest to you? I mean for a future article on how safe are our blogs? Jeannie :)
