phishing is one of the easiest ways to trick users into giving out their login credentials. All a hacker does is setup a webpage similar in design to that of the Facebook homepage, attach a server sided script to track the username and password entered and store it in a log. Sending people emails stating that someone tagged a photo of them on Facebook in the same format as Facebook and giving a link below to the phishing website further reduces the chances of it being detected as a fake. Sometimes, spam Facebook apps, like those promising to tell who viewed your Facebook profile, automatically post links to phishing websites. A new trend amongst phishers is creating Facebook look-a-like widgets for stealing user’s login credentials.
How to prevent yourself from being phished?