A couple of interesting Facebook stories have been published in the news recently having to do with security of information. The first story has to do with cybersecurity and phishing attacks. Facebook has been plagued with these attacks over the past few weeks in which hackers are trying to acquire the login password information of Facebook users. The way that it works is that the hackers will send out a malicious link to the friends of already compromised Facebook accounts. When the user clicks on the link, it takes them to what looks exactly like the Facebook login page. Instead, it is a fake page that will send their username and password information to the criminals. The criminals can then access the user's Facebook account to send out more malicious links or other spam. One other result that can be disastrous for the user whose password information is stolen is if they use that same password for other site accounts as well, such as financial accounts. Criminal hackers know that it can be common practice for people to use the same username and password for multiple online accounts. Facebook has said they are cleaning up the problem, removing the phishing messages and resetting the passwords of compromised accounts. Some strategies to avoid this problem are:
- Do not click on links that you are not sure are legitimate.
- Check with the person who sent you the link to make sure they are the ones who sent you the link.
- If the click on the link and it immediately takes you to a login page, it may be a phishing scam.
- Do not keep the same password for all of your online accounts, especially accounts having to do with finances. I know it can be very difficult to keep track of multiple username and passwords, but keeping them seperate will help you avoid a much larger problem if one of them is ever stolen.
- Periodically changing you passwords can also help to minimize damage if your data is ever stolen.