Windows 10 News and info | Forum
November 26, 2020, Loading... *
Welcome, Guest. Please login or register.

Login with username, password and session length
News: This is a clean Ad-free Forum and protected by StopForumSpam, Project Honeypot, Botscout and AbuseIPDB | This forum does not use audio ads, popups, or other annoyances. New member registration currently disabled.
 
  Website   Home   Windows 8 Website GDPR Help Login Register  
By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy.
Pages: [1]
  Print  
Share this topic on Del.icio.usShare this topic on DiggShare this topic on FacebookShare this topic on GoogleShare this topic on MySpaceShare this topic on RedditShare this topic on StumbleUponShare this topic on TechnoratiShare this topic on TwitterShare this topic on YahooShare this topic on Google buzz
Author Topic: Facebook security warning: Thousands of passwords stolen  (Read 11 times)
javajolt
Administrator
Hero Member
*****
Online Online

Gender: Male
United States United States

Posts: 32005


I Do Windows


WWW Email
« on: November 15, 2020, 02:52:15 AM »
ReplyReply

Stolen social media accounts are a hot commodity on Dark Web marketplaces. The average Facebook account sells for about $74.50, making the social network a priority target for phishing scams and cybercriminals.

Phishing campaigns make it easy to steal large quantities of login credentials at once. All scammers need to do is create a fake login page and trick victims into signing in. Tap or click here to see a copyright notice phishing scam targeting Facebook users.

If cybercriminals aren’t careful with their stolen data, they can easily blow their entire operation. A group of cybercriminals learned this the hard way after hosting hundreds of thousands of Facebook logins on an unprotected database. Cybersecurity isn’t just for the good guys, after all.

A botched phishing job leads Facebook to a ring of cybercriminals

Security researchers with VPNmentor found an unsecured database containing hundreds of thousands of stolen Facebook logins. The credentials were stolen as part of a widespread phishing operation targeting Facebook users with fake landing pages.

The researchers, who shared their findings with CNET, believed the scammers used websites that offered fraudulent services to Facebook users, such as reports on who recently visited a user’s page.

Victims would log in with their username and password, thinking they were signing up for the service, only to have their data stolen and sent back to the cybercriminals.

The massive amount of users in the database is shocking enough, but the scammers made a fatal mistake during their data heist: They forgot to add a password to their treasure trove of stolen data.

Anyone with a web browser could easily access the stolen database, which contained millions of user records. VPNMentor researchers believe the accounts were used to dupe even more victims into joining a cryptocurrency scam.

The botched security of the database gave researchers everything they needed to report their findings to Facebook. The database is no longer online, and Facebook forced password resets for affected users.

Am I affected? What should I do?

If your information was included in the link, Facebook might have already reached out to you with a password reset request. If Facebook forces a password reset, you won’t be able to log in again until you create a new password.

Even if you weren’t a victim, it’s always a good idea to frequently reset your password. Any phishing campaigns or brute-force attempts won’t be able to keep up with your account if you do.

Follow these steps to reset your Facebook account on your computer or smartphone:

On your desktop:

1. Click the downwards-pointing arrow in the top right of the Facebook homepage.

2. Click Settings & Privacy, followed by Settings.

3. Click Security and Login.

4. Click Edit next to Change password.

5. Enter your current password and type in a new password. Use a complex combination of letters, numbers and symbols that won’t be easily guessed.

6. Click Save Changes.

On your phone

1. Open the Facebook app and tap the three-line icon. On iOS, the icon will be on the bottom right. On Android, the icon will be on the top-right.

2. Scroll down and tap Settings & Privacy, then tap Settings.

3. Tap Security and Login, then tap Change Password.

4. Enter your current password and type in a new password. Use a complex combination of letters, numbers and symbols that won’t be easily guessed.

5. Tap Save Changes.

For extra security, we’d also recommend activating two-factor authentication for your Facebook account. Once 2FA is set up, you’ll automatically know when someone tries to log in without your permission.

To stay safe in the future, follow these guidelines:

• Never log into your Facebook account outside of Facebook. Services that ask for your login information do not have your best interest in mind.

• Any time you’re asked to log into your account, look at your browser’s address bar. If the URL doesn’t include “Facebook.com,” it could be a phishing site.

• Avoid clicking any links sent to you by email. If you click a link from an email that takes you to a Facebook login page, close your window. This is a red flag for phishing sites.

With a stronger password and two-factor authentication turned on, you’re already smarter than the cybercriminals running this failed phishing campaign. If only the rest of the cybercriminals out there were this careless. Then they might not be such a threat anymore.

source
Logged


Pages: [1]
  Print  
 
Jump to:  

Powered by SMF 1.1.21 | SMF © 2017, Simple Machines

Google visited last this page November 18, 2020, 05:50:14 AM