14 DAY TRIAL // The Hacker News has come across an interesting-looking phishing scheme hosted on the apps.facebook.com domain. Located at https://apps.facebook.com/verify-pages, the phishing site attempts to trick users into handing over their email addresses and passwords by promising them that their Facebook pages will be verified if they complete the process.
The malicious app is hosted on talksms.co.uk, a domain verified by an SSL certificate from GeoTrust.
Once the information is provided, victims are redirected to the legitimate Facebook Statement of Rights and Responsibilities page.
This is a particularly dangerous phishing scheme because many Facebook users might be tempted to enter their credentials without hesitation.
In case you’ve fallen for this scam, be sure to change your Facebook password at once. If you use the same passphrase to protect other accounts, be sure to change it on those as well.