In what's just the latest Facebook phishing scam, hackers on Thursday broke into accounts and sent e-mails to friends urging them to log on to fake Facebook sites, according to new reports and anecdotes from members.
The social-networking site is in the process of cleaning up from the hack and is blocking compromised accounts, Reuters reported. "Victims were directed to log back in to the site, but actually logged into the one controlled by the hackers, unwittingly giving away their passwords," Reuters said, adding that the fake domains include www.151.im, www.121.im and www.123.im.
Facebook did not immediately respond to an e-mail seeking confirmation and information about the hack. The number of users affected remains unknown, but a Facebook spokesman told The New York Times it "is not widespread and is only impacting a small fraction of a percent of users."
In addition to the scam, Facebook security made the news Thursday in relation to upcoming plans for "verified apps" on the site. Under this program, Facebook will review developer apps for a $375 fee to make sure they fit security and transparency standards, and will award a graphic badge to apps that make the cut.
(Credit:
Macworld)
MobileMe users are being targeted by a phishing scam.
Users of MobileMe, which automatically sends e-mail, contacts, and calendar events to your computer, iPhone, or iPod, have been receiving a new e-mail that looks like it comes from Apple. It warns that attempts to renew the MobileMe subscription have failed because of a problem with charging the credit card and prompts the recipient to log in and update information on a site that looks legitimate but is not, Macworld reported on Wednesday.
A similar phishing scam targeting MobileMe users was discovered in August, according to Macworld.
Tips for MobileMe users and anyone who does any transactions online include never clicking on links in an e-mail that prompt for financial information and looking for the "https" in the Web address for more secure communication with sites.
Think you can spot the difference between a legitimate e-mail and a phishing scam sitting in your in-box? According to one security vendor, many people can't.
The SonicWall Phishing and Spam IQ Quiz test presents a series of e-mails that may or may not be from PayPal, Wells Fargo, the IRS, and others. Test takers must decide whether the e-mail is a phishing attempt, legitimate, or provide no answer. Afterward, a score card is presented and if any questions were missing, there's an opportunity to see why: A page opens up identifying the clues that should have told you a given e-mail was probably bogus.
According to SonicWall, only 59.4 percent of test takers so far this year have been able to properly identify a legitimate e-mail, compared with 77.8 percent of the test takers in 2004. And this year, only 7.4 percent of test takers were able to correctly identify and categorize every e-mail they were presented.
The good news is that people are better at spotting a likely phishing scam. This year 86.1 percent caught the scam, as opposed to only 69.2 percent in 2004.
Real or fake? By taking the test, you can test your ability to spot a phishing scam.
(Credit: SonicWall)- prev
- 1
- next
