Anytime a new trend catches on malicious attackers are sure to be close by, mimicking the trend to capture unsuspecting users. Now that the Facebook “Like” Button is popping up on more sites around the internet, phishing attacks are going to start popping up here and there. How would Like Button Phishing work? Click “Read the rest” to see an example…

All that is needed is a mock-“Like” button such as the one below. If you click on it, the Facebook login screen will appear as if you weren’t logged in. But if you are careful enough to check the URL you will notice it is not the actual Facebook login screen, it is hosted elsewhere (on my site). If someone were to enter their email/password the attacker could easily log that information, and simply display an error message as if it weren’t working. Too bad by then the damage is done.

The lesson here? Always check the URL of any page you click to!