Some phishing scams are so obvious that they’re almost laughable. A misspelled word here or there, atrocious grammar, outrageous claims of instant wealth, undue solicitation of credit card details – these are usually enough to identify a scammer’s attempt. However, when a scammer ups their game and actually spends some effort on making the scam believable, the only thing that a user has to fall back on is his computer and internet know-how. Without these two, vulnerable users can easily fall victim to phishing attacks, especially those similar to the ones currently making their rounds on the social networking scene.
There’s a phishing attack that’s currently spreading through e-mail that’s experiencing considerable success because of its believability. It mimics the official-sounding language that’s being used by Facebook and even goes so far as to create websites that look exactly like Facebook.
The phishing attack comes, ironically, in the form of a security e-mail that’s said to be from “Facebook”. The e-mail claims that there has been an unauthorized log-in from a different location than the one that the user often uses. The user is then prompted to provide his account details in order to address the issue.
Another similar scam claims that the user has violated the site’s policy by insulting or annoying other Facebook members and that the user’s account will thereby be deleted in the next 24 hours. The e-mail then asks for the user’s log in details and links the person to a fake but rather believable “Account Disabled” page. The fake page even has a ‘Terms and Conditions’ Page to make it look more legitimate. It also has a form which asks for personal details, email login – including credit card information (for authentication, the page claims).
Once the scammer has the victim’s data and credit card information, he will then proceed to lock the user out of his or her actual Facebook page by changing the password and sometimes even the e-mail used for logging in. Once the account is pretty much secured, the scammer is then free to use the person’s credit card for his own gain. Furthermore, the scammer also gains access to the victim’s contact list, giving him an even longer list of possible victims.
Any e-mail that asks for your credit card details or account details should be marked with a red flag. They’re likely to be scams or phishing attempts. Some of us already know this by heart. However, there are some users out there who are not quite as tech savvy and need to be alerted of the presence of this rather tricky scam.
It is also advisable to book the Facebook login screen. Never follow any links in an email to Facebook. Instead, close out of the email and then use the bookmarked link to access the site. Use this same safety measure for all of your sensitive accounts.