Facebook page admins beware! A convincing phishing scam is catching people out!

Have you heard of the website www.facecrooks.com?  I guess you have now!  It’s a really useful website that documents scams and privacy issues for the world’s biggest social media website. It’s a great little site that I recommend bookmarking or adding to your RSS feed.

The reason I mention this site here is that they have spotted a phishing scam that is catching a number of Facebook page admins out.  It’s really just a different version of an old theme, but it’s the first time I’ve personally seen this within Facebook!

This phishing campaign is being seeded via emails like the one below:

When a user clicks on the link they are taken to a page within Facebook.  That’s right, you are actually taken to the real website so what is it that let’s us know that this is a scam?  The URL! It gives the game away as it shows us that this is a third party app rather than a page that the Facebook team have put together.

Take note.. Anytime you see a Facebook page with this URL: https://apps.Facebook.com/name-of-app/
you should know that you are interacting with a third party app and NOT a native Facebook application.

Of course, like many phishing campaigns, the intention is to gain your username and password. Once the scammer has these details they can log in and post on your timeline. More often than not these posts will be designed to entice you and your friends into clicking on a link that will install malware on your computers, so do NOT click on any strange looking messages that might have appeared on your wall.  Instead delete them immediately.

If you have just realised that you have already interacted with the app change your password straight away to prevent being locked out by the scammers.  If some strange messages have appeared on your timeline, inform your friends that your account has been compromised in case they need to take the appropriate action as well. It’s also probably worth completing a full virus scan to be certain that no malware has entered your computers system.

As an added safety precaution you might like to install the Bitdefender SafeGo app.  It will scan your news feed and help keep you safe as you read your news feed in Facebook and/or Twitter.

James Lawson, Consultant