Just a little while ago I received a Facebook message from a friend of mine. The message read: “hey, go to album90 dot com and search for “Pc Pros To Go” then click on the first photo.. I bet you didn’t remember that, eh?”
Seemed harmless enough. So I go to album90.com and you’re presented with a Facebook login screen.
I’m thinking, I’m already logged in to Facebook so why am I getting this message. So I entered in a bogus email address and a fake password and it let me on through. And this was the following page.
Just an image of apparently someone’s graduating class.
Album90 dot com appears to be a phishing site. What’s a phishing site? It’s a site that is set up to resemble a trusted site, where you would normally have to log in to. Only when you enter in your personal information it gets recorded. Then at some point in time, the person who set up the site now has your login information for whichever site they tried to make it look like.
Change your passwords immediately! In this case, go and change your Facebook password. And since a lot of people like to use the same password for everything, if you used the same password for your email address that you use for Facebook, then you probably should change that as well.
The other thing you should do is report the site. To report the site to Google visit Report Phishing Page.
It appears as those both the about90 dot com site as well as the redirect link http://www.facebook.com.login.php-profile-signin-qhwfpxzy.htisp.com/index.php?s=dot have been taken down. So if you happened to get snagged by these people, please make sure to changes your passwords as soon as possible. Otherwise, you should hopefully not get any Facebook messages asking you go to about90 dot com.