Cybercriminals hijack Facebook accounts through bogus browser extensions

Summary:Researchers from WebSense are warning on a newly circulating fraudulent scheme relying on bogus browser extensions for hijacking Facebook accounts.

Researchers from WebSense are warning on a newly circulating fraudulent scheme relying on bogus browser extensions for hijacking Facebook accounts.

The add-ons, advertised as DivX plug-ins or coupon generator, use the Facebook API (Application Programming Interface) to post unauthorized messages on behalf of Facebook users who log in from the affected browsers.

According to the researchers, at the moment, only Chrome and Firefox plugins are used.

Topics: Browser, Social Enterprise

About

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.