Be Careful What You Click!

Hello Cyberman!

Again a Facebook problem and a again victim list… Recently, absurd pictures have increased again in Facebook groups.

What would you say like:

Above picture like… I know, it looks gross.

If you click picture, you are going to instagram.com. I know, you only clicked because you were curious or because you like the absurd. But the back side of the event is not pretty at all… But let’s face it, it’s not pretty…

Clicking on such links may result in your browser information being compromised.
With a vulnerability called CSRF Token, attackers can hijack your session.

Or, he/she wrote an API that can send messages on your in the name of and may want to get approval for it.

Knowing this is not certain.

When you click for a normal instagram.com, there are many different packages than the one you receive.
And as follows, respectively:

As seen as I did not examine in detail. I couldn’t do it. Because I don’t have time. If you say that you know, I will review, I leave the review link. (Please don’t click if you don’t know.) click for link.

The real question is, I clicked, now what?

There are 3 basic situations:

1 – If there is an api and it can get access to the account in case of click for it, it will message or tag most people around you.
Solution: Checking access from Facebook settings, logging out of all devices and changing your password.

2 – Access to your account. (It is unlikely, but it could happen.) In such a case, an attacker with full authorization to your account can gain access to your other Facebook-related applications. It can use your payment systems.
Solution: Close the account. Your account recovery situation is a bit difficult in this part. Because the hacker can change your information because he gets access to your account.
In such case, contact Facebook administrators and disconnect Facebook from other applications.

3 – It is an application or file download status.
Solution: At such a time, you should disconnect your device’s internet and scan it with antivirus software. You should then extract your data such as pictures/videos to a separate storage device to keep them.
And reset the device if possible.

To be prepared in such situations:

– Do not keep cookies in your browser. Clean your browser regularly.
– Turn on factor authentication. Attackers often do this type of attack in general. If he is thinking of developing a special attack on you, he will be able to bypass 2-factor authentication.
The goal is to make things difficult.
– When you click on such a link, open the incognito tab on your device and do not log in with the browser you always use.
– Do not download files.
– Do not approve requests from the browser.
– And don’t even trust your family on the internet.

Have a nice day with lots of informatics 🙂

Leave a Reply

Your email address will not be published. Required fields are marked *