Image via Devil’s Workshop
Last week on the ReputationDefender Blog, we shared “Six Tips to Foil the Phishers.” Increasingly, however, phishing schemes are not only being perpetrated through e-mail, but also social networking sites. In fact, according to a recent CNN article, a 2005 study from the University of Indiana found that phishing attacks on social networks were successful 70 percent of the time. That’s why, today, we’re going to offer some advice on how to protect yourself from phishing attacks on Facebook.
Trust, but Verify
Many phishers have taken advantage of Facebook users by posing as their friends and then asking them to wire money to cover some kind of emergency. While no one would suggest that you should ignore a friend in need, in the words of former President Ronald Reagan, you should “trust, but verify.” With Facebook expanding at an astronomic pace (the CNN article notes that the site now has over 300 million users worldwide), it is important for users to show discretion in answering messages. Before wiring your friend money, try and call him or her directly, or call someone close to him or her, to verify their story.
Check the URL
The majority of phishing attacks trick users into giving away their private information by directing them to fake websites that are specially designed to look like the real thing. While it is sometimes difficult to determine whether a site is authentic, (scammers are becoming more and more adept at designing near-perfect copies of websites) there are certain clues you can look for to help you spot a fake, namely the URL. One of the signs that a URL might be part of a phishing attack is the use of a subdomain, for example, http://customersupport.facebook.com. In this case, “customer support” is the subdomain. If you suspect you’ve opened a phishing website, you should close your browser and then attempt to access the website directly.
Go Easy on the Apps
If you use Facebook, you’ve probably received more than your fair share of weird requests. Whether it’s an invitation to play Mafia Wars, a quiz to find out which cast member of 90210 you are, or some other time-consuming, yet useless application, it is important that you use discretion in choosing which apps you add on to your page. Though many users don’t know it, by adding an external application, you are authorizing someone besides Facebook to access your private profile information. Furthermore, though Facebook tries their best to monitor each application that is submitted to the site, the volume of new applications is simply so great that some spam applications are bound to get in.
For more information on Internet privacy and Online Reputation Management issues, follow ReputationDefender on Twitter.