A warning to all the Facebook users out there – the scammers are after your login details again, this time by spreading a link which purports to be a video of Barack Obama.
The president is finally taking charge!!
[LINK] Is this really for real?.
The image used in the message looks like a YouTube video thumbnail, but if you click on the link you are redirected, via a cross-scripting vulnerability on an MIT webpage and then Reddit, to a phoney Facebook login page.
It may look like Facebook, but it’s not the real Facebook. It’s designed to phish your username and password from you.
Incidentally, the page is hosted on an almost identically-named domain to one we’ve previously seen used in a Facebook phishing campaign.
Facebook usernames and passwords are an increasingly valuable commodity for cybercriminals – once they have those,…
Read more in my article on the Naked Security website.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.