I was on Facebook the other day and got a chat notification from a friend that I went to high school with. I hadn’t talked with her in quite a while so I was thrilled that she’d reached out to me to say hi… until I saw the content of her chat message:
- [My Friend] hey greg, how’s it going??
- [Me] hi there! things are good… how about you?
- [My Friend] I want you to take something real quick
- [Me] k
- [My Friend] ok greg, take this test and see what you score.. i can’t get over like a 109, its ridiculous [LINK REMOVED], adam got like a 112 and I’ve been trying to beat them!!
So what’s going on here? Well, unfortunately my friend’s Facebook password had been compromised. The link in question (which has been removed from the chat transcript above) was attempting to send me to some weird looking URL that had “facebook” in it. In all likelihood when I visited the site it would have attempted to plant a virus on my machine or would have attempted to access my PC in some other fashion (stealing my password, login, etc.)
This simply didn’t sound like something my friend would do and knowing what I know I didn’t click on the link. I sent her a note letting her know that I’d received this chat from “her” and wanted to let her know. I received a note back from her minutes later confirming what I’d suspected: It was not her.
In addition to her Facebook password, they’d also gotten a hold of her online banking password! Not good.
So how can you combat this? Well, the most fool proof way would be to never surf the web, never go online, and never sign up for anything. No, I’m not suggesting that as I know it’s probably not going to happen. Short of that, the best thing to do it so CHANGE YOUR PASSWORD. Change your password often. Make make it something that’s difficult to guess. And please… don’t use “password” as your password. (Believe me it happens more often than you think).
For some additional details you may also be interested in these: