There's another security flaw on the Web, and this time it's attached to Facebook. It can steal all your personal details saved on Facebook. It's called Covert Redirect. Fortunately, it's not anywhere near as bad as Heartbleed.
Covert Redirect is a sophisticated phishing scheme that Facebook has been aware of for a while.
Let me break it down for you.
There are various sites that try to link to your Facebook account. You've seen those sites, the ones that say "Create a new account" or "Sign in using Facebook" and have a Facebook button. You click the Facebook button and go about your merry way. In fact, to comment on my site, you need to log-in using your Facebook Account.
Now, there are numerous bogus phishing sites that disguise themselves to look like legitimate ones. You've seen phishing before on the Web and in your email.
Almost 90 percent of phishing links are spread through a browser, not your email. If a site looks wrong or just seems off, close your browser immediately. Erase cookies from that site. Be aware of typos and the address shown in your browser. Often, the phishing site's address is just one or two characters off a real site's page. When you click the Facebook button on the phishing site, you are actually sending everything that Facebook knows about you to the phishing site.
This warning serves as another reminder that your security online is important. I wrote a column that might help you. It's entitled 5 Ways to Test Your Computer's Security. It's one thing to have the right programs and settings. You also need to be sure that it's all working properly.
Concerned about other ways you can be vulnerable because you use Facebook? Here are my most popular Facebook tips you might find handy:
- Five Facebook problems you need to fix right now
- Facebook exposes your exact location unless you make a change
- And Two ways to keep hackers out of your Facebook account