Sep 17, 2010 15:34 GMT  ·  By

Phishers are trying to steal login credentials from Facebook users by spamming them with malicious links through the social network's chat system.

The new campaign abusing the Facebook chat feature has been spotted by security researchers from antivirus vendor Trend Micro.

The rogue messages coming from compromised accounts read: "Hello [your_name], what are you doing in this video??? LOL No comment! http://apps.facebook.com/friend[censored]"

According to Christopher Talampas, a fraud analyst at Trend Micro, the link eventually leads to an external phishing website that imitates Facebook's login page. The link itself sits on apps.facebook.com, so the redirect to the credential-stealing page happens only after the victim has clicked through the Facebook application.

"Phishing attacks such as this that use Facebook applications are not entirely new, but having it spread via Facebook's own chat feature makes it a more significant threat. The appearance of these messages coming from a user's friends may lead to more people clicking these links," the expert writes.

It's not clear if the stolen login details are used to send chat spam or if some other method is employed.
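The security-relevant detail in this campaign is that the chat link points at apps.facebook.com, so a naive "is the link on Facebook?" check passes; what matters is the host of the page that finally asks for the password. The following Python is an added illustration, not code from the article or from Trend Micro. It compares whole domain labels rather than doing a raw suffix match, which is what lets it reject lookalikes such as a host ending in "facebook.com.example.net" or a URL with "apps.facebook.com" smuggled into the userinfo part. All sample URLs are constructed placeholders; the code fetches nothing and assumes you pass it the URL the browser actually shows on the login form after any redirects.

```python
"""Decide whether a page asking for Facebook credentials is really on facebook.com.

Added example; not code from the article or from Trend Micro.  Every URL used
here is constructed for illustration.
"""
from typing import Optional
from urllib.parse import urlsplit

LEGIT_DOMAIN = "facebook.com"


def host_of(url: str) -> Optional[str]:
    """Return the normalized hostname of url, or None if it has none.

    urlsplit().hostname lowercases the host and drops userinfo and port, so
    'http://apps.facebook.com@login.example.net/' yields 'login.example.net'.
    """
    host = urlsplit(url.strip()).hostname
    if not host:
        return None
    return host.rstrip(".")  # 'facebook.com.' (FQDN form) -> 'facebook.com'


def is_legit_host(url: str, domain: str = LEGIT_DOMAIN) -> bool:
    """True only when the host is `domain` itself or a subdomain of it.

    A plain str.endswith(domain) would accept 'notfacebook.com' and
    'facebook.com.example.net'; requiring the label boundary ('.' + domain)
    does not.
    """
    host = host_of(url)
    if host is None:
        return False
    return host == domain or host.endswith("." + domain)


def assess(chat_link: str, login_page_url: str) -> dict:
    """Judge the chat link together with the page that finally asks for credentials."""
    login_ok = is_legit_host(login_page_url)
    return {
        "chat_link_on_facebook": is_legit_host(chat_link),
        "login_page_on_facebook": login_ok,
        "verdict": "ok" if login_ok else "phishing: credentials would leave facebook.com",
    }


if __name__ == "__main__":
    # Constructed sample: a link on Facebook's own domain that, after the app
    # redirects, lands on an external page imitating the login form.
    chat_link = "http://apps.facebook.com/someapp/"
    landing = "http://apps.facebook.com.example.net/login.php"
    print(assess(chat_link, landing))
```

Run it with the URL you see in the address bar at the moment a page asks for your Facebook password; if `login_page_on_facebook` is False, the chat link being on apps.facebook.com means nothing.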

Last month we reported on a 'free iPhone' scam, which did not involve any phishing, being propagated in the same way.

If you have reason to believe that you've been sending out rogue messages like this one, there are a few steps you can take to secure your account.

First of all, scan your computer with a capable and up-to-date antivirus program. If the system you log into Facebook from is compromised, any new password you set will be captured as well and the account will be hijacked again.

In fact it would be sensible to perform separate scans with several different products. All major vendors offer trial versions of their products, which are fully functional for 30 days or more and can be used for this purpose.

Once you are confident that your computer is clean, change the password to your Facebook account. If you use the same password for multiple services, like email or PayPal – which you shouldn't be doing – change it in those places too.

The third step is to log into Facebook with your new password and go to Account > Application Settings and change the "Show" filter to Authorized from the drop-down list.

Here you will see a list of applications authorized to interact with your profile. Look for any entry with a suspicious-looking name that you don't recognize and remove it by pressing the X next to it.