Thursday, July 14, 2011

Facebook Google+ Invite Scam Can Steal All Your Personal Information Including Name, Date of Birth, Password, And Current Location

By Cesar Ortiz
Google+ is the new rival for Facebook. Users in the thousands are receiving fake invitations as part of a rogue scam designed to steal your entire Facebook page private Information. If users fall into this trap, we can say that the hackers own their Facebook page. The scam begins as follows:
Users receive a message with the Google+ logo that says:

“Google+ -Get Invite
Unofficial Fan Page
118,500 people like this”

If the user clicks on the invite, it is then taken to a “Request for permission” fake screen frame designed to look very, very professional. In that permission page you are allowing the criminal, disguised as Google+, to “Access my basic information, Send me e-mail, Post to my wall, Access my data any time, Access my Profile information” In other words, users are surrendering their account to a third party, a criminal in this instance.

The next step in the scam is that users are taken to a very pro looking Facebook like window with a “Continue” link. Facebook never uses this type of window but users may click on the “Continue” link. Since victims already gave the scammer permission to access all his or her friends list, the hacker uses social deception techniques and presents you with a very, very professional Facebook looking page titled “Select friends for Google Plus-Direct Access requests” This page even has a photo and name of each of your friends. In theory, every friend selected will receive the same message you received therefore propagating the scam. I believe that all your friends will receive the message regardless if you choose them or not. Hackers will not give up this priceless opportunity to steal account data in the thousands.

Probably, the original hacker will not use your personal data itself; it will sell the listings in bulk in the Internet open hackers market to the best bidder, who will use it at will. To remove this hack, users will have to do four things (1) Remove the subject messages by clicking on the small “x” to the right of the message, this stops spreading the scam to your friends and (2) remove any related application in the “Profile Information”, “Privacy settings”, “Application websites” such as “Google+ invite”. (3) Make sure you notify your friends that you where infected so that they can clean up their own account (4) Change your Facebook password immediately.

No comments: