That’s correct! There is a facebook app out right now that is stealing users login credentials, potentially locking them out of their own account and using it for god knows what. It is classified as a “Rogue Facebook Application”. A user installs the app which places 3rd party facebook notification software on the user’s desktop. The user gets a notification that someone left a comment on their page. When the user clicks on the notification link to check out the comment, it directs them to a website that is disguised to look exactly like the facebook login page (it is actually hosted by fucabook.com – always check your address bar before logging in!). The user will then log in with their facebook credentials and thus exposing the account to the creators of this rogue application. Next fake page forwards the user to the real facebook login page pretending that the login credentials did not take the first time, logging the user into facebook so they don’t suspect anything is wrong.
At least one of the rogue apps that this stems from is called “sex sex sex and more sex!!!” (go figure) which has stolen an estimated 300,000 facebook accounts as of today, 08/17/2009. This number comes from Senior Security Advisor Rik Ferguson from Trend Micro.
Ferguson warns, “Also check the true destination of a link before clicking it by hovering your mouse pointer over it. If it looks suspicious, don’t click it,” he wrote in a blog post. “Also, if you’re a Facebook user, now would be a good time to review your privacy settings and clear out any applications you no longer use.”
PLEASE DON’T FALL FOR ROGUE APPLICATIONS LIKE THIS!
Always check the address bar before you login, and don’t get click happy and add tons of random facebook applications.
Best regards,
Nosta
Popularity: 1% [?]
strud - August 17th, 2009 at 8:44 pm
Thanks for the heads up!! No doubt valuable information!