A number of Facebook users in our area are finding that even that can be very risky.
"My computer got infected with Trojans and I wasn't able to access any webpages," Sabrina Dulisse of Sewell, New Jersey said.
Sabrina's problems began over the weekend when she went on her Facebook account and found a posting that she thought was from her best friend:
"Meaning that this was a post from my best friend, I was wondering what did he post and then I clicked on it," Sabrina said.
Clicking on the post turned out to be a big mistake because the posting was from a hacker who stole her friend's Facebook identity, downloaded malicious software that made her computer inoperable, and possibly stole personal information from the computer:
"Being curious as I am, I guess curiosity killed the cat," Sabrina said.
Not did it create problems on her computer, but the hacker also stole her identity and started sending emails loaded with malicious software to people on her friends list.
Lou Rubens also learned over the weekend that hackers had stolen his Facebook identity.
"People kept getting emails from me and they were texting me on my cell phone telling me 'Did you send me a video?' And they would open it up and it would shut everything down on them. The computer would shut down everything," Lou said.
Dr. Rob D'Ovidio of Drexel University's Cybercrime and Forensics Research program says this a relatively new type of phishing scheme that's been appearing on Facebook, MySpace and even Twitter.
"We categorize this as a spear-phishing scheme, meaning it's more deceptive because it's personal in nature and its more direct, you're getting the message from someone you already have a trusting relationship with," Dr. D'Ovidio said.
We alerted Facebook officials about the Facebook hijackings. A spokesman tells Action News that they have already blocked links to these phishing sites from being shared on Facebook. Further, that they're also cleaning up phony messages and wall posts and are resetting the passwords of affected users.
Dr. D'Ovidio has advice on how to avoid web hijackers.
"I can't say enough that you need to make sure you're very vigilant in updating your antivirus, updating your anti-spyware," Dr. D'Ovidio said.
You should also avoid opening e-mail links or attachments or call your friends first to make sure they really sent them. Also, change passwords often and always use different ones for all your web accounts.
When your browser asks if you want it to remember your password, always say no so it's not stored in your computer.
LINKS: Facebook Security
Get Action News on your website
