The “Covert Redirect” phishing scam has been around for a long time, but scammers are now using it to harvest the email addresses and passwords that victims use to log in to their Facebook accounts.
The scam works like this: You visit a website and like what you see, but you are asked to either “Create a new account” or “Sign in using Facebook” before being allowed to see or do certain things with the site (leave a comment for example).
If you choose the “Sign in using Facebook” option on a website that was set up with the sole intention of stealing your Facebook login credentials, you’ll be presented with a fake Facebook login form that looks exactly like the real one Facebook itself presents to its users. The problem is that the login form is actually hosted by the fraudulent website itself or by another affiliated fraudulent website, not by Facebook.com.
If you enter your Facebook login credentials into the fake sign-in form, you will essentially be handing over complete access to your Facebook account to hackers. Not a good thing!
Luckily, there are three easy ways to avoid the “Covert Redirect” scam when you visit a website that asks you to either create an account or sign in using Facebook:
1 – Don’t use that site at all. If you simply click away from the site and refuse to use it, the scammers won’t be able to steal your Facebook login credentials. The only problem with this option is there are tons of legitimate sites that require you to log in via Facebook in order to fully take advantage of their content or services. In short, by clicking away, you could end up missing out on something great.
2 – Choose the “Create a new account” option using a secondary email account that was created just for signing up for web offers. Also, be sure to create a new password that you don’t use on any other website. That way if the site turns out to be fraudulent, the scammers won’t be able to do anything useful with your login info.
3 – Choose the “Sign in with Facebook” option, but look carefully at the web address displayed in the address bar at the top of the box that pops up containing the login form.
Do this before you type anything into the form. If the URL starts with anything besides https://www.facebook.com/login.php you’ll know that the site is trying to scam you. A legitimate Facebook login form will ALWAYS have that exact sequence of characters at the start of the URL. If even one letter is off, you’re in danger of being scammed!
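To make that address check concrete, here is an added example (my own code, not from the original post) that parses the address a pop-up login box shows and accepts it only when the scheme, host and path are exactly those of the real Facebook login form. The sample addresses are constructed, and the check goes a little beyond the post’s “starts with” test by also catching a user@host trick or a non-standard port.

```python
from urllib.parse import urlsplit

# What a genuine Facebook login form's address must have, per the post:
# it starts with https://www.facebook.com/login.php
EXPECTED_SCHEME = "https"
EXPECTED_HOST = "www.facebook.com"
EXPECTED_PATH = "/login.php"


def is_genuine_login_url(url: str) -> bool:
    """Return True only if scheme, host and path match the real login form.
    The URL is parsed rather than compared as a string prefix, so a host
    that merely begins with the real one, credentials before an '@', or an
    unexpected port are all rejected."""
    parts = urlsplit(url.strip())
    if parts.scheme.lower() != EXPECTED_SCHEME:
        return False
    if parts.username is not None or parts.password is not None:
        # "www.facebook.com@evil.example" puts the real host before an '@'
        return False
    if parts.hostname != EXPECTED_HOST:      # hostname is already lowercased
        return False
    if parts.port not in (None, 443):
        return False
    return parts.path == EXPECTED_PATH       # query string (?next=...) is allowed


def classify(urls):
    """Map each address to 'genuine' or 'suspicious'."""
    return {u: ("genuine" if is_genuine_login_url(u) else "suspicious") for u in urls}


# Constructed sample addresses (not real sites) that a login pop-up might display
SAMPLE_URLS = [
    "https://www.facebook.com/login.php",
    "https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2F",
    "http://www.facebook.com/login.php",                     # not https
    "https://www.facebook.com.example-login.net/login.php",  # real host is only a prefix
    "https://www.faceb00k.com/login.php",                    # one letter off
    "https://www.facebook.com@example.net/login.php",        # real host before an '@'
    "https://www.facebook.com:8443/login.php",               # unexpected port
]

if __name__ == "__main__":
    for url, verdict in classify(SAMPLE_URLS).items():
        print(f"{verdict:10s} {url}")
```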
Protecting your identity and securing your Internet-based accounts from scammers and hackers is getting harder all the time, but it CAN be done with a little insight into how the scams work and by remaining on the lookout for them. I’ll try my best to keep you up to date on new scams and security holes as they are discovered.
Important: I hope you’ll consider sharing this post on Facebook and Twitter to help warn as many folks as possible. Thanks.