On 29th may, 2013, Another “Fan page phishing fraud” made Facebook a subject of debate among the Facebook security developers, internet users, and of course Facebook users. According to the Australia-based security blog Hoax-Slayer, the fraud commences with a message in an admin’s Facebook message inbox. The message intending to be from Facebook Security requests that a security feature called the “Fan Page Verification Program” is being enforced and users must click a link and choose a ten-digit security code to finish the process. The message also states that if the user does not complete the coding process by 30, May 2013 then the page will be debarred.
Once the Facebook user enters email address, password, and transferring security code, it shows a message on the next screen” Your Transferring code it’s being added and you will receive the confirmation in your mail when the process it’s completed, usually within 24 hours”. It is not from the Facebook security department, but the whole conspiracy is a trick of phishers and is not genuine. The fact is there is no such “Fan” to be found in Face book’s Help center. The Facebook-page URL and confirmation code are, certainly, unrelated.
Thus, victims will imagine that they have completed the security instructions of Facebook and waits for the confirmation mail. However, they do not know that they have given all the details to the hackers. Meanwhile, criminals can misuse their Facebook account details in an offensive way. If you concentrate on the message, you will find broken English, missing punctuation and error in capitalization, which also shows that it is a fraud done by malicious hackers.
Such phishing fraud can easily be avoided especially regarding official announcement from Facebook that never request user’s password or email. Actually, phishing is a more sophisticated fraud than any other types of frauds. It is advisable that if anyone receives such fraud message, do not click on any link or attachment that a message holds. As the technology is advancing phishers are targeting giant authorities of different fields among the world and social media is a platform where thousands of people do interact with each other so it would be easy for hackers to make them victim of such phishing fraud.
Identify Phishing Activities
Phishing is a cyber-criminal activity to steal user’s email address, password, and other user details. If a user wants to recognize phishing it may contains some signals that a user has to know like bad grammar, mass email links, asking for authorization, a threat asking for closure of an account. If a user observes any of these activities in his email or on a webpage then, it is time to avoid them. Otherwise, user will become victim of such phishers.
Make sure you are on HTTPS
The best way to make sure is to check the URL of a webpage; it should be starting with HTTPS instead of HTTP. HTTPS means a website is secured with SSL (secure socket layer) protocol- the best technology to secure websites. Some websites also shows a green address bar showing highly authenticated browser. User can click on that green bar to verify the authenticity of a website. It means the site you are visiting is legal and verified.