Since the beginning of May, Symantec has observed a new wave of phishing attacks on Facebook users and it seems these attacks are set to continue.
The vendor said it has observed a current method of attack that targets a victim's Facebook account.
Phishing attackers send a message to a victim's Facebook 'inbox' as well as an email notification with the subject 'Hello' or 'Hi'.
The email appears to have come from the victim's friend and includes text asking the user to visit a malicious and fake Facebook login page.
From this page the attacker will then steal the user's login credentials to launch future attacks.
To avoid inadvertently sending malicious messages to their circle of Facebook friends, Symantec advises consumers to be cautious about any message sent from within a website, or one that appears to come from a website.
The vendor said that users who click on a link should double-check the actual domain that is shown at the top of the page.
It's best practice to type the Web address directly into your address bar rather than rely on links from a message.
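To show what "double-check the actual domain" means in practice, here is an added example (not from Symantec or the original article) that parses a link and reports the host a browser would really connect to. The expected domain, the function name checkLink and every sample URL are constructed for illustration.

```javascript
// Added example: compare the real host of a link with the site the reader expects.
// EXPECTED_DOMAIN, checkLink and the SAMPLES list are assumptions, not from the article.
const EXPECTED_DOMAIN = "facebook.com";

function checkLink(rawUrl, expected = EXPECTED_DOMAIN) {
  let url;
  try {
    url = new URL(rawUrl); // WHATWG parser, the same rules browsers apply
  } catch {
    return { ok: false, reason: "not a valid absolute URL" };
  }
  // The hostname is what matters, not the text around it; drop a trailing dot.
  const host = url.hostname.toLowerCase().replace(/\.$/, "");
  if (url.protocol !== "https:") {
    return { ok: false, host, reason: "not HTTPS" };
  }
  // "https://facebook.com@other.example/" connects to other.example.
  if (url.username || url.password) {
    return { ok: false, host, reason: "text before '@' is not the host" };
  }
  // Non-ASCII lookalike letters are converted to "xn--" labels by the parser.
  if (host.split(".").some((label) => label.startsWith("xn--"))) {
    return { ok: false, host, reason: "internationalised (punycode) lookalike" };
  }
  // Accept only the expected domain itself or a subdomain of it.
  if (host === expected || host.endsWith("." + expected)) {
    return { ok: true, host, reason: "host is the expected domain" };
  }
  // "facebook.com.other.example" contains the brand but belongs to other.example.
  if (host.includes(expected.split(".")[0])) {
    return { ok: false, host, reason: "brand name appears, but in a different domain" };
  }
  return { ok: false, host, reason: "different domain" };
}

// Constructed sample links; .example is a reserved documentation domain.
const SAMPLES = [
  "https://www.facebook.com/login.php",
  "http://www.facebook.com/login.php",
  "https://facebook.com.login-check.example/",
  "https://facebook.com@login-check.example/",
  "https://faceb00k-login.example/",
];
for (const link of SAMPLES) {
  const r = checkLink(link);
  console.log(`${r.ok ? "OK  " : "STOP"} ${link} -> ${r.host}: ${r.reason}`);
}
```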
Use complex passwords and unique ones for each site. Suggestions include using a combination of upper-case and lower-case letters, symbols and numbers.
Make sure your passwords are at least eight characters long; the more characters your passwords contain, the more difficult they are to guess.
Avoid using easily obtained personal information, including licence plate numbers, telephone numbers, social security numbers, your automobile's make or model, your street address, etc.
Don't answer yes when prompted to save your password to a particular computer.
Instead, rely on a strong password committed to memory or stored in a dependable password management program.
Use security software and check out web safety services, where a community of web users collaborate to report dangerous phishing and malware sites.