Yow, I just got successfully phished on the Facebook Android app. I clicked on "Your friend X tagged in a post" and this thing managed to put a browser window over the top of the FB app so it looked like I was still in the app, totally consistent style, and asked for a Facebook login, which I haven't done for years so I thought made sense. I fell for it, and I bet most people wouldn't have noticed it was sketchy, which I fortunately did; password hastily changed….
@timbray Boosting so others are aware of this. Thanks for the heads-up!

@timbray thanks for sharing!

If you switch to using a password manager, then it won’t insert your password into the UI, prompting you to notice that and start questioning what’s up.

If you haven’t already, you could enable MFA, such as a TOTP, to try to limit the effectiveness of stealing the password (though they can be phished along with the password).

Did you check the logged in sessions to make sure the culprit isn’t still logged in after the password change?

#phishing
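The point about a password manager refusing to fill is worth seeing in code. The following is an added illustration, not code from the thread or from any real password manager: it models the origin-matching rule a manager applies before autofilling, namely that the page must be served over https and its host must be the saved site or a subdomain of it. The vault contents, domains and URLs are constructed for the demonstration.

```python
from typing import Dict, Optional
from urllib.parse import urlsplit

# Constructed vault: credentials keyed by the registrable domain they were saved for.
VAULT: Dict[str, Dict[str, str]] = {
    "facebook.com": {"username": "tim", "password": "correct-horse-battery"},
}


def page_host(url: str) -> Optional[str]:
    """Return the lowercase host of an https URL, or None if the URL is not https.

    urlsplit() parses userinfo ('user@') and ports properly, so a URL such as
    https://www.facebook.com@evil.example/ yields the host 'evil.example', not
    the lookalike prefix an attacker put in front of the '@'.
    """
    parts = urlsplit(url)
    if parts.scheme != "https" or not parts.hostname:
        return None
    return parts.hostname.lower()


def should_autofill(saved_domain: str, url: str) -> bool:
    """True only if the page host is the saved domain or one of its subdomains.

    The check is a label-boundary suffix match ('.facebook.com'), so a host like
    'facebook.com.login-verify.example' does not qualify: the saved domain appears
    in it, but not as the registrable domain the page is actually served from.
    """
    host = page_host(url)
    if host is None:
        return False
    saved = saved_domain.lower()
    return host == saved or host.endswith("." + saved)


def fill_credentials(vault: Dict[str, Dict[str, str]], url: str) -> Optional[Dict[str, str]]:
    """Return the credential that matches the current page, or None to refuse the fill.

    A refusal is the signal the thread describes: the manager stays silent on a
    page that merely looks like the site, because its origin does not match.
    """
    for saved_domain, credential in vault.items():
        if should_autofill(saved_domain, url):
            return credential
    return None


if __name__ == "__main__":
    for url in (
        "https://www.facebook.com/login",
        "https://facebook.com.login-verify.example/",  # constructed lookalike
        "https://www.facebook.com@evil.example/",      # constructed userinfo trick
        "http://www.facebook.com/login",               # not https
    ):
        print(url, "->", "fill" if fill_credentials(VAULT, url) else "refuse")
```

The useful habit this encodes is the one in the reply above: when the manager declines to fill on a page that looks right, treat the silence as the warning rather than typing the password by hand.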

@aegilops @timbray Can't be much worse than giving these details to Zuckerberg though, I would not trust that crook with anything
@aegilops D'oh, I *did* use my pw manager and it refused to fill and I was too dumb to twig to that instantly. On your last point, when you change your FB password it helpfully asks "would you like to log out all other current sessions?" - kudos to FB, I might not have been smart enough to think about that. Some of those sessions were on hardware retired years ago…
@timbray wow. FB probably uses https://developer.chrome.com/docs/android/custom-tabs/guide-get-started/ so that they can style the window and make it look like it belongs to the app, which is great for scammers I guess :/
Guide: getting started with Custom Tabs - Chrome for Developers: How to launch a Custom Tab from your Android app.
@timbray so was this a notification from facebook? that's pretty scary, regardless!
@timbray so that link opened in the browser but full screen oslt?

@timbray

If you did not use FB you probably would not have run into this.

@timbray
Life Hack: NEVER open a link someone sends you. If it’s even in question, go to the account yourself and see what’s up.

I seem to be getting a plethora of “We can’t deliver your package” texts with a fake UPS/USPS looking link. I have informed delivery so I know they’re fake.

@timbray Kuch! Thanks for the warning. Did you lose anything?
@timbray Sorry, should read "OUCH!"
How cybercriminals are using bogus login pages to steal your banking information (ABC News): Fake Australian banking apps that look like the genuine article are appearing on the internet. Test your knowledge and see if you can tell the real from the fake.
@timbray Did you contact Facebook security? They should make it obvious that you are leaving official Facebook.
They offer the integrated Webview to better track you on the website you visit.
@timbray Maybe they still have access to your account; not sure if Facebook can invalidate access tokens if a user changes the password. They could have got an access token if they were just a little bit faster than you. Better warn all your friends, as your account could be used to propagate the same scheme of a friend tagging you.
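Whether a password change kills sessions an attacker already opened depends on how the service binds sessions to the password. The block below is an added example, not Facebook's implementation or anything from the thread: it shows the common server-side design in which every session token records the "password generation" it was issued under, so bumping the generation on a password change invalidates every earlier token at once, while the session that performed the change can optionally be kept (the "log out all other sessions" prompt mentioned above). User names, passwords and the hashing parameters are constructed for the demonstration.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Dict, Optional


def hash_password(password: str, salt: bytes) -> bytes:
    # PBKDF2-HMAC-SHA256; iteration count is a constructed value for the demo.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


@dataclass
class UserRecord:
    salt: bytes
    password_hash: bytes
    password_generation: int = 0            # incremented on every password change
    sessions: Dict[str, int] = field(default_factory=dict)  # token -> generation at issue


class SessionStore:
    """Toy account store: sessions are only valid for the generation they were issued under."""

    def __init__(self) -> None:
        self.users: Dict[str, UserRecord] = {}

    def create_user(self, name: str, password: str) -> None:
        salt = secrets.token_bytes(16)
        self.users[name] = UserRecord(salt=salt, password_hash=hash_password(password, salt))

    def _check_password(self, user: UserRecord, password: str) -> bool:
        return hmac.compare_digest(hash_password(password, user.salt), user.password_hash)

    def login(self, name: str, password: str) -> Optional[str]:
        """Issue a session token bound to the current password generation, or None."""
        user = self.users.get(name)
        if user is None or not self._check_password(user, password):
            return None
        token = secrets.token_urlsafe(32)
        user.sessions[token] = user.password_generation
        return token

    def is_valid(self, name: str, token: str) -> bool:
        """A token is live only if its recorded generation matches the current one."""
        user = self.users.get(name)
        return user is not None and user.sessions.get(token) == user.password_generation

    def change_password(self, name: str, new_password: str,
                        keep_session: Optional[str] = None) -> None:
        """Rotate the password and revoke every session except the one that asked for the change."""
        user = self.users[name]
        user.salt = secrets.token_bytes(16)
        user.password_hash = hash_password(new_password, user.salt)
        user.password_generation += 1
        if keep_session is not None and keep_session in user.sessions:
            user.sessions[keep_session] = user.password_generation  # re-bind the caller's session
        # Stale entries are now unreachable; prune them so the table does not grow.
        user.sessions = {t: g for t, g in user.sessions.items() if g == user.password_generation}


if __name__ == "__main__":
    store = SessionStore()
    store.create_user("tim", "phished-password")
    stolen = store.login("tim", "phished-password")   # session opened with the phished password
    own = store.login("tim", "phished-password")      # the victim's own session
    store.change_password("tim", "new-password", keep_session=own)
    print("stolen session still valid:", store.is_valid("tim", stolen))  # False
    print("own session still valid:", store.is_valid("tim", own))        # True
```

If a service instead binds sessions only to the account, a password change leaves earlier tokens working, which is exactly the uncertainty raised in the reply above; checking the active-sessions list after a change is the practical way to confirm which behaviour you got.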
@timbray I use URLCheck.
https://f-droid.org/packages/com.trianguloy.urlchecker/
It's my default browser. It just shows me the URL before I open it in a real browser. It allows for editing, unshortening, ...
URLCheck | F-Droid - Free and Open Source Android App Repository: Allows analyzing (or sharing) URLs before opening them.

@timbray Some of these are very sophisticated.