Facebook Notification Phishing Attempt
This morning I received a notification that (a high school friend) "XXXX likes your photo" with "your photo" linked, as per usual for Facebook. I clicked the link to see which photo.
Instead of one of my photo pages, I was taken to a blank application, with the name "farn_ville" as its name in the location bar and a data hash sent as a POST. I reported the app, changed my password, and went to the application's profile.
It was named Like, and had a one-star rating. I didn't bother reading its wall, just blocked the app.
While writing this up, I went to try and get the exact wording and some more info... and when I went to the list of applications I've blocked, I couldn't find "Like". The first one on the list is "Owned!" and I suspect that is yet another name for this app... and appropriate.
It's hard to recommend people be careful with links that look EXACTLY like they should. If you find you've clicked a link that doesn't take you where you expected it to, please report it and change your password. It's a pain, but it's better than having someone trying to extort money from your friends or some other weird crap.
Instead of one of my photo pages, I was taken to a blank application, with the name "farn_ville" as its name in the location bar and a data hash sent as a POST. I reported the app, changed my password, and went to the application's profile.
It was named Like, and had a one-star rating. I didn't bother reading its wall, just blocked the app.
While writing this up, I went to try and get the exact wording and some more info... and when I went to the list of applications I've blocked, I couldn't find "Like". The first one on the list is "Owned!" and I suspect that is yet another name for this app... and appropriate.
It's hard to recommend people be careful with links that look EXACTLY like they should. If you find you've clicked a link that doesn't take you where you expected it to, please report it and change your password. It's a pain, but it's better than having someone trying to extort money from your friends or some other weird crap.