Facebook and Twitter Contain Sneaky Vulnerability Within Links

October 14, 2016

There is a sneaky vulnerability in Facebook and Twitter that is difficult to detect, and hackers may use it to phish for your credentials. It lies in the links that open a new window or tab when you click them on either social media site.

It happens when you click a malicious link that you see in your feed or elsewhere while you are logged into your account. After it opens the window, it logs you out. When you go back to visit your Facebook or Twitter page, you have to log in again. You may think nothing of it, but that is actually when the hackers grab your credentials.

Unfortunately, it’s really difficult to know if or when this may be happening. The best advice is just to be 100% sure you want to click that link and that it won’t cause harm to your device.

In addition, make sure you have the anti-phishing features enabled on your browsers and that anti-malware is installed and up to date on all of your devices. There is no guarantee these will stop this attack, but you are certainly in better shape.

The technical details have to do with how the link is written. Suffice it to say that these links are written this way so that the referral information sent to the new site records where the link was clicked. For example, if you click an ad on any social media site or browser, there is an indicator in the link that gets sent to the advertiser for reference. Advertisers want this information. It helps them know where their advertising dollars are being best spent.
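For site owners, the link-level check can be automated. The following is an added example, not code from the original article. It assumes the behaviour described is the `window.opener` reference that a page opened through `target="_blank"` receives unless the link carries `rel="noopener"` or `rel="noreferrer"`. The function names and sample markup are constructed for illustration.

```javascript
// Added example: flag links that open another tab/window without cutting the opener reference.
// Assumption: the issue is the window.opener handle given to pages opened via target="_blank".

// Parse the attributes of one <a ...> start tag into a map with lowercase keys.
function parseAttributes(tag) {
  const attrs = {};
  const body = tag.replace(/^<a\b/i, "").replace(/\/?>$/, "");
  const re = /([^\s"'<>\/=]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;
  let m;
  while ((m = re.exec(body)) !== null) {
    attrs[m[1].toLowerCase()] = m[2] ?? m[3] ?? m[4] ?? "";
  }
  return attrs;
}

// Return the href of every link that targets another browsing context
// and has neither "noopener" nor "noreferrer" in its rel attribute.
function findUnsafeNewTabLinks(html) {
  const findings = [];
  for (const match of html.matchAll(/<a\b[^>]*>/gi)) {
    const attrs = parseAttributes(match[0]);
    const target = (attrs.target || "").toLowerCase();
    // No target, or _self/_parent/_top, stays in an existing context: not relevant here.
    if (!target || ["_self", "_parent", "_top"].includes(target)) continue;
    const rel = (attrs.rel || "").toLowerCase().split(/\s+/);
    // Either keyword stops the opened page from reaching back to the opener.
    if (rel.includes("noopener") || rel.includes("noreferrer")) continue;
    findings.push(attrs.href || "(no href)");
  }
  return findings;
}

// Constructed sample markup (example.com URLs are placeholders).
const SAMPLE_HTML = `
<a href="https://example.com/one" target="_blank">one</a>
<a href="https://example.com/two" target="_blank" rel="noopener noreferrer">two</a>
<a href="https://example.com/three">three</a>
<a href='https://example.com/four' TARGET=_blank REL="nofollow">four</a>
<a href="https://example.com/five" target="_blank" rel="NoReferrer">five</a>
`;

console.log(findUnsafeNewTabLinks(SAMPLE_HTML));
```

`noreferrer` also drops the referral information, which is the trade-off described above, while `noopener` alone keeps it.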

Facebook has taken steps to help mitigate this, but their action will not eliminate the threat. It just diminishes the probability that a large-scale attack will occur.

Just be sure that whatever you are clicking on at all times is really what you want to do. If you cannot be certain without a doubt that it isn’t harmful, then just don’t go there.

© Copyright 2016 Stickley on Security