"Li'l Abner" wrote:

> I bit on something like that a couple of days ago, but it had something to
> do with a facebook page. Then a Facebook login page popped up and Firefox
> automatically filled in my login credentials. I clicked "Login" and the
> screen went away. But FaceBook never showed up.
> The more I thought about it, the fishier it looked.
> So I immediately logged into Facebook and changed my password.
> As much as I preach to my customers about being careful what you click on,
> I couldn't believe that I did it myself!

Yep, it's fairly easy to fall for these tricks if you're not paying
attention.

As always it's a balance between ease of use and security. Don't allow
browsers to store passwords; don't click on things you haven't
deliberately launched; don't use webmail like Hotmail, Yahoo or Gmail,
instead use a proper SMTP mail service like one your ISP may provide.

You think the general public will do this? No chance! They've no idea
that you don't need a browser to do email or that there's more to the
internet than "twitbook".