Homehttps://server7.kproxy.com/servlet/redirect.srv/sruj/smyrwpoii/p2/Technologyhttps://server7.kproxy.com/servlet/redirect.srv/sruj/smyrwpoii/p2/Behold, the Facebook phishing scam that could even get vigilant users
Behold, the Facebook phishing scam that could even get vigilant users
Phishers are deploying what seems to be a clever new trick to snag people's Facebook passwords by presenting convincing replicas of single sign-on login Windows on malicious sites, researchers said this week.
Single sign-on, or SSO, is a feature that allows people to use their accounts on other sites-typically Facebook, Google, LinkedIn, or Twitter-to log in to third-party websites. SSO is designed to make things easier for both end users and websites. Instead of having to create and remember a password for hundreds or even thousands of third-party sites, people can log in using the credentials for a single site. Websites that do not bother creating and securing password-based authentication systems need only access an easy-to-use programming interface. Security and cryptographic mechanisms under the hood allow the login to happen without the third party site ever seeing the username password
Myki has recently found a site that purported to offer SSO from Facebook. As the video below shows, the login window looked almost identical to the real Facebook SSO. This one, however, did not run on the Facebook API and did not interfere with the social network in any way.