We would start with a "Beware of what Facebook you access when you log in". It is very possible that the Facebook page you accessed is not the official one, and at the moment you enter user / email address and password to access your Facebook account, actually send them to third-party bad guys.
This process by which one the web page is cloned (made a copy of the official one) in order to mislead the unknowing users and get confidential data, is called "Phishing". Every year, thousands of bank customers fall into the trap of criminals who practice this method. This way they end up without money in accounts or with sensitive information leaked to third parties.
Among social networks (social network), Facebook is the most cloned social network. In a report anti-phishing al Kaspersky Lab it is shown that Facebook "owns" 60% of the cloned web pages of social networks. And this only in the first quarter of 2018. (Q1 2018).
Specifically, Kaspersky has been able to stop hundreds of millions of attempts to stop visiting fake Facebook pages.
How to do phishing and why Facebook pages are cloned
About cloning we talked a bit higher. A faithful copy of the Facebook login page, in which users are urged, is made enter personal data for creating a new Facebook account or to be authenticate with an existing one. In both cases the registration and authentication process will not work and additional information will be required to "verify identity". This information is personal data and data of credit or debit cards. All this information introduced by the victim will not reach Facebook, but the offenders.
In addition, for victims who already had Facebook accounts, obtaining a username and password by a criminal can provide valuable information. Bank passwords and information sent in Facebook Messenger messages, personal information and other confidential data that criminals can use.
Another danger is Facebook phishing, made on the real accounts of the victims. These accounts are used to publish or send links to phishing web pages in messages. Friends on Facebook may think it is a trusty link if it comes from a known person.
Facebook is not the only social network targeted by offenders. VK (the social network in Russia) and LinkedIn they are also frequent targets of phishing. However, 2.13's billions of active Facebook users send it to the top of the world's most cloned social networks.
The fact that the targets of the villains are personal accounts of the users of the so-called network users shows us once again how important our personal data is. These can be used both to make a quick profit by obtaining banking information as well as for manipulation or orientation in directions dictated by entities or individuals.
Cybercriminals constantly seeking new ways to hit users and evade confidential data. That's why it's very important to take good care of your online behavior to avoid becoming the next target.
What you need to do to avoid becoming a phishing / phishing-scam victim
1. The best known method of deception is with help free Wi-Fi networks. Once you connect to a public wireless network with your laptop or mobile phone, you have no way of knowing that the page you are visiting Facebook, PayPal or a bank is the real one.
Offenders can create clones of official pages in a wireless network, and finding this is almost impossible if you do not have IT knowledge.
Do not access it mobile application of a bank is not very secure from a public wireless network. Confidential data can be decrypted / intercepted inside the network. Therefore, do not use public wireless networks than for applications and accessing websites that do not involve the confidential data transfer.
2. Always check the web address of the incoming links mail or chat before you click on them to open them. Behind a link word can hide a phishing web address.
A small example. You can receive a message in a mail that will urge you to please visit urgently https://facebook.com, otherwise your Facebook account will be suspended. If you click on the "facebook.com" link you tend to think that it will take you to the Facebook page. Try this on the link we put and you will see the result. Google.com will open, not Facebook.com. An offender will redirect you to a virus or phishing web page to take your confidential data. So, be very careful before you click on a link.
3. Use one antivirus software capable of filtering malicious web pages. Antivirus vendors constantly invest in new techniques for detecting and blocking phishing web pages. Kaspersky Lab offers such solutions. Some even free.
4. Check if the web page has HTTPS and if domain name is the official one.
Websites of online banking, online shops, Social network or ad portals, all must use the HTTPS protocol. It ensures the encrypted transport of data between your computer / smartphone and the server on which it is hosted.
5. Never share your confidential data via e-mail or any other chat communication method. No bank, institution or social network will ask you for your bank card data, login data for different accounts by e-mail, SMS or messenger.
Respecting these five points, greatly reduces the likelihood of becoming the victim of a computer attack, but do not forget to be vigilant. Criminals always find the most "innovative" methods to achieve their goals. Let's not forget that before the anti-virus, it was the virus.
