During last week contacts on Facebook (FB) started sending me messages like this including my name in the message.
In my case, the messages where both in Swedish and German, depending on which interface language the person who is sending the messages is using in FB.
When clicking on those message, users got re-directed to a fake FB login page, hosted on others person’s hacked homepage.
Just opening this site was (in this case) not dangerous. But once the user was falling for this fake FB login page and entering it’s user credentials, this information was then used to get access to the user FB profile and sending the same message to all his/her Facebook contacts as well.
(Un)fortunately at the time of writing this article, non of the received links is working anymore, to show an example of the fake login page.
Lessons learned, if not already known:
- Be suspicious when receiving message like shown above.
- If you clicked on the link and ending up in a new FB login page, be even more suspicious! 🙂
- Change your FB login password asasp, if you went so far that you have entered your FB login credentials on the fake login page.
- Warn your friends on FB if starting receiving such messages, especially the person sending it to you.
Be safe out there….