Scammers have had it a whole lot easier ever since Facebook came into the picture. Instead of having to come up with outrageous and creative schemes to gain access to personal data and account information, all they have to do now is create a fake Facebook page and let the social network do all the work.
You might have already heard about the fake Facebook Rollercoaster Accident, the "Do You Remember this Photo?" scam, and the Malicious Chrome Extensions issue that take advantage of the social network's users. Now here's another one to add to the list: the fake Facebook added security measure scam.
The malware operates by popping up in a separate window on your screen while you're surfing the Internet. The page sports the Facebook header and displays a form below it that asks users to enter their credit card or debit card number to verify their identity.
The malware was discovered by security firm Trusteer. The firm also reported that a "marketing" video showing off how the scam worked was making the rounds in underground forums so that prospective buyers of the stolen information can see how the entire web injection process worked.
This video illustrates the seamless sophistication of pre-built webinjects that are readily available for purchase on the internet. By attacking Facebook and other ubiquitous social networks fraudsters can tap a massive pool of victims. They can also use the information harvested from social network users to perpetuate fraud on multiple in fronts including online banking, retail, and even to penetrate enterprise and government networks.
-- Amit Klein, Trusteer CEO
Common sense should tell you that it's time to be wary whenever a non-retail site asks for the following information: cardholder name, credit or debit card number, expiry date, card identification number, and address.
So when a random page does pop up to ask you that, just close the browser window--and tell your friends to do the same thing.
Article by Hazel Chua
Gigadgetry: Cool Gadgets, Tech News, Quirky Devices