Rogue Facebook app harvests user credentials

By

Facebook users who allow third-party applications onto their desktop have been warned that a rogue Facebook app is luring users to a site set up to harvest their credentials.

Affected users receive a notification that someone has commented on one of their posts, but clicking on the hyperlink in the notification leads to a malicious site hosted on the fucabook.com domain, according to Trend Micro senior security advisor Rik Ferguson.

The malicious site then pulls up the real Facebook log-in page to prompt users to enter their details again.

The notifications appear to come from a dubious sounding app called 'sex sex sex and more sex!!!' which has over 287,000 users signed up already, said Ferguson. He warned users to always check the URL of a site in the browser bar before entering sensitive information.

"Also check the true destination of a link before clicking it by hovering your mouse pointer over it. If it looks suspicious, don't click it," he wrote in a blog post. "Also, if you're a Facebook user, now would be a good time to review your privacy settings and clear out any applications you no longer use."

Rogue Facebook app harvests user credentials
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Log In

  |  Forgot your password?