I've had a few enquiries come through with regards this blog entry about a strange Facebook threat we found over the weekend, and whether it's the same thing as written about by the awesome Rik Ferguson over here.
To clarify, these are two totally different Facebook attacks so you need to man the battlements on all fronts, or something.
The threat Rik covered involves messages being sent, an actual application and phishing pages that mimic the real thing once you visit the external URL via clicking a hyperlink.
The threat we found has no actual application involved at all - instead, the (mis)use of a Facebook application URL (apps.facebook.com/customer_dispute), with what was likely a phishing page related to "Customer disputes" somehow attached directly underneath the real Facebook app URL.
Be careful out there...
To clarify, these are two totally different Facebook attacks so you need to man the battlements on all fronts, or something.
The threat Rik covered involves messages being sent, an actual application and phishing pages that mimic the real thing once you visit the external URL via clicking a hyperlink.
The threat we found has no actual application involved at all - instead, the (mis)use of a Facebook application URL (apps.facebook.com/customer_dispute), with what was likely a phishing page related to "Customer disputes" somehow attached directly underneath the real Facebook app URL.
Be careful out there...
Leave a comment