New attack plays on privacy fears and Facebook’s ubiquity
But not only does this phishing attack play on the privacy fears that Facebook Inc (NASDAQ:FB) aggravates, it also plays on our comfort with using a single set of credentials (gmail, Facebook) to access lots of different websites.
Signing in through Facebook Inc (NASDAQ:FB) doesn’t exactly work this way, but for someone who’s not paying attention (because they want to know what terrible pictures are being spread across the internet, perhaps) getting redirected to a website that looks exactly like the Facebook front page might be enough to get a few passwords. After all, if these tactics never worked you have to assume that phishers would stop using them.
Protect yourself from phishing attacks
As with any phishing attack, the key is to be skeptical any time you’re prompted to take immediate action, whether it be to earn a million dollars from a stranger or save your dignity from some anonymous website. If you’re redirected to a website, make sure the URL is correct. If it looks strange, go to the website on your own (this is the same as finding phone numbers for yourself instead of relying on the ones given to you if you suspect an offline scam). And of course, if you think your account might be compromised you should change your password immediately. With any luck you’ll save yourself the real embarrassment of having to explain to your friends that you still fall for internet con jobs.