Cybercriminals
have developed a custom piece of malware that injects itself into your
Facebook session and prompts you to donate to a charity for sick
children. The scammers' goal is to make off with your personal data,
especially your credit card number. Security researchers have
discovered a new variant of the Citadel malware that injects itself into
your Facebook webpages and demands that you make a donation to a fake
charity for sick children. Please be warned: there are no children
charities that will ask you for a donation via Facebook. There are,
however, individuals very interested in stealing your credit card number
and other personal information (note: this is not the first time
Facebook users are specifically being targeted, and it certainly won't
be the last).
Once your
computer is infected with the malware, it quickly adds itself into your
Facebook session, as you can see above. After you log into your Facebook
account, the Citadel injection mechanism displays a pop up that
encourages you to donate $1 to children who "desperately" need
humanitarian aid. Next, it asks you for your name, credit card number,
expiration date, CVV, and security password.
This attack is a
massive undertaking. The cybercriminals behind this scam are likely very
well organized and have been pushing very hard to spread it on
Facebook. If you've discovered that you are affected by this attack, use
an antivirus program (such as Microsoft Security Essentials) to clean
your system before using the social network again.
As a general
word of caution, don't hand over any of your credentials via Facebook
unless you are absolutely certain that it's coming from the social
network. While there are some services that ask for your credit card,
that will be on there official Facebook Page, not in a random popup
spamming you to donate. If you want to warn Facebook about this scam,
feel free to contact Facebook Security.
Related Posts:
zohaib
No comments:
Post a Comment