Wednesday, December 21, 2011

Facebook Accounts Hijacked by Malicious Browser Extensions

Scammers have found yet another way to get a hold of your Facebook account.

This new method encourages users to install a "plugin" to watch a video. This "plugin" uses Facebook's API to post messages onto your Facebook. These messages can be anything the scammer wants them to be. Websense demonstrates how this scam works here.

The unique thing about this scam is Facebook can't do much about it. It's the user who is downloading the plugin and not knowing what it is doing. Facebook doesn't have control over the users plugins. Facebook can only promote to uninstall these malicious plugins and to try to watch out for any suspicious ones.

Facebook has been fighting scams for years but this specific scam is harder to exterminate. Facebook can only hope the user listens and does the right things. Don't fall for those false plugins or you could see things being posted on your account which aren't from you!

No comments:

Post a Comment