Phishing attacks are cyber threats that have become very common over the last few years, particularly on major online social networks such as Facebook. Victims of online phishing attacks are tricked into giving up sensitive personal information that can be used for further acts of cybercrime such as theft and fraud.
The three main mechanisms of phishing are:
Malware that prompts victims to enter information while monitored by a keystroke logger.
Phony websites that are designed to look like login pages.
Suspicious emails that ask victims to type in their username and password combinations.
On Facebook, the most common phishing attack takes place on the Web, and it consists of HTML documents that look very similar to login pages. These may be pop-up windows or pages that load in the background before they are fully displayed.
Many of the links that attempt to direct unsuspecting victims to counterfeit Facebook login pages come from suspicious emails that warn users about bogus security issues. The first course of action in protecting yourself from phishing attacks on Facebook is learning to recognize these emails. In many cases, phishing email messages will be riddled with typos and misspellings; another common aspect is that they claim to have included your Facebook password in an attachment. Such attachment is invariably a Trojan horse file that hides a piece of malware.
Another telltale sign of phishing attacks is that they often ask victims to enter information that Facebook would never ask for in the first place. Examples include: social security numbers, credit card information, PIN codes, and street addresses. Whenever you see an email that purports to be from Facebook, and which asks for this type of information, it is best to delete immediately. In the event that you run into a suspicious social media update that seems to come from a friend, but that strangely asks for this information, it is better to flag the post and report it to Facebook since this could indicate that your friend has already been victim of a fishing attack.
Aside from learning to recognize the obvious signs mentioned above, Facebook users should also install antivirus software and Internet security suites on all the desktop, portable and mobile computing devices they use to access Facebook. These software packages must also be kept up-to-date.