![]() Our reader immediately assumed that his friend had himself recently recieved a similar (perhaps even an identical) message, and had not only clicked through but attempted to login, handing his password to the crooks and thus ensuring that all his contacts would soon be spammed in turn. Unfortunately, putting in your username and password into the fake login page above would submit them to a server running on a low-cost web hosting service in the USA, using a vaguely legitimate-looking domain name that was registered less than a month ago. The URL (redacted above) clearly has nothing to do with Facebook – it’s a randomly-generated server name on a boutique Hungarian web hosting platform – and, as you can see from the crossed-out padlock icon in the address bar, the site uses HTTP and not HTTPS.įacebook was an early adopter of HTTPS-for-everything, giving up on HTTP altogether back in 2012, so any page that claims to represent Facebook but doesn’t have HTTPS is an unreconstructed fake.įacebook finally enables HTTPS by default, we give away free T-shirts to celebrate ![]() There is no video, of course – the black image links to a URL shortening service, which in turn redirects to a URL that pops up what looks like a Facebook login page: Indeed, many users deliberately limit their “circles of contact” on social media and instant messaging services not just for privacy reasons but also to cut down on the sort of unsolicited messages, spams and scams they endure via email.Ī scammer with your instant messaging or social media passwords is not only a menace to you, but also to those around you, as one of our readers discovered this evening when he received a note from a friend via Facebook Messenger that said:įrom someone you didn’t know, a question like that would fall somewhere between bizarre and creepy, but from a friend, who wouldn’t want to take a look? …well, it’s much more likely that a scammer will be able to talk you into clicking a link using a message that actually came from a friend’s account than if they just contacted you out of the blue. ![]() Whether it’s pitching a bogus investment plan, luring someone to a fake login page, persuading them to submit an application form for a non-existent job, or simply getting them to waste their money on useless, overpriced, shoddily made tat… …well, it’s not just so they can sneak into your account and snoop through your personal data with a view to abusing it themselves or selling it on to someone else who will.Īccess to your account also gives crooks a level of trusted access to your friends and family that makes scams of all sorts much easier to pull off. If you’ve ever wondered why cybercriminals are interested in your IM passwords… ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |