Cybercriminals have come up with a new scheme to trick Facebook users into handing over their credentials. They’ve launched a bogus voting campaign to lure potential victims to a phishing site.
According to experts from Symantec, the phishers have set up a bogus voting website where they ask users the question “Who is greater boys or girls?” Once they cast their vote, internauts are asked to log in to their Facebook and say if they’re male or female.
In the final phase of the scheme, victims are told that their vote has been successfully submitted. The voting site is on a domain that looks something like this: http://smartapps%5Bdomain name].com. This makes the whole thing look more legitimate.
The scammers are aware of the fact that many Facebook users take part in such games every day without giving it too much thought. It wouldn’t be surprising if this campaign managed to harvest a large number of account credential sets.
If you’re a victim of this scam, you should change your Facebook password immediately. If you’ve been using the same password on other sites as well, change all of them.
It’s also recommended that you keep an eye out for any suspicious emails that might land in your inbox since the cybercriminals will likely continue to target victims or they’ll sell the information they’ve obtained to other cybrecrooks and spammers.
In order to avoid falling victim to such Facebook phishing scams, never enter your password on other domains than facebook.com. The legitimate login page is protected with an SSL certificate whose is indicated by the padlock icon in the web browser’s address bar and an HTTPS connection.
Never enter personal or financial information on untrusted websites, especially if you’ve reached them by clicking on a link in an unsolicited email. Always be careful when clicking on links seen on social media networks, particularly if they promise interesting or shocking content.