What would you do if, while you’re busy checking your Facebook news feed, “Facebook Security” suddenly popped up in the chat window and asked you to verify your identity by clicking a link?
Don’t do that.
Especially if some of the characters in their name are ASCII symbols and the link contains a foreign “.vu” address. Especially if the site which the link leads to asks you for your credit card number as proof.
How do people keep falling for these things?
This past week, scammers unleashed a massive phishing scheme designed to pilfer credit card numbers from Facebook’s 800 million users by tricking them into entering the information on a fake website. The news first broke when Kaspersky lab expert David Jacoby reported it on his blog. According to the veteran programmer, the scammer poses as a Facebook security expert and asks you to click a link that looks like a random smattering of letters and numbers. The link redirects you to a site where you’re asked for your email address, password, full name and all the other information a hacker needs to assume your identity. It’s pretty much the same routine as any other phishing scheme.
Then it gets interesting. After you click “accept” on the link and give all of your personal information to the scammer, you’ll be taken to a page that asks you to enter your credit card information to authenticate the entire thing. Once you enter your card number, you’ll be prompted with yet another verification screen that asks for the card’s CSC/CVV code. At that point, you have officially compromised your entire identity.
Oh, and did we mention that after you give the scammers your info, they’ll take over your Facebook profile, change your name and picture to “Facebook Security” and attempt to pull the same trick on everyone in your contacts list? Because they do that, too.
Facebook is perpetually riddled with various phishing scams and malware, but this is the first attack that’s ever attempted credit card fraud. You’d think that after years of being told they’d won the Australian lottery or that they’re the inheritors of a Nigerian prince’s fortune, people on the Internet would be getting a little wiser, but apparently not. Though the official victim count has yet to be released, this scheme has been making enough headlines to warrant an estimate in the thousands.
To ensure that your identity stays safe when using the Internet, never give out your personal information to anyone – especially your credit card number. If a website employee needs to access your account, they can do so without knowing your password. Even retail sites will never personally ask for your card number. If you’re worried about using your credit card online, you should consider taking out a low-limit credit card or using Virtual Cards for shopping on the Internet.
The Internet will always be a dangerous place. Take the right precautions. Make sure you don’t become a victim too.
Related Posts:
- Multi-Million Dollar Hacking Scheme Includes Victims in New Hampshire - WASHINGTON – The credit card information of 80,000 customers has been hacked in a multi-million dollar scheme. Four Romanian nationals have been...
- American Express Launches ‘Link, Like, Love’ Campaign On Facebook - Julia Sherrier of CreditCards.com recently reported on American Express‘ new social media campaign “Link, Like, Love” officially launched on Facebook. The card...
- Upscale Dayton OH Restaurant Targeted In Hacking Scheme - An up-scale Oregon District restaurant was recently targeted by computer hackers. Sidebar 410 has emailed preventative warnings to the estimated 1,250 patrons...
- Danger Of Exposing Personal Information on Facebook - Hackers and scammers have targeted Facebook to gain access to the treasure trove of personal information that’s available on these massive networks....