Facebook users who allow third-party applications onto their desktop have been warned that a rogue Facebook app is luring users to a site set up to harvest their credentials.
Affected users receive a notification that someone has commented on one of their posts, but clicking on the hyperlink in the notification leads to a malicious site hosted on the fucabook.com domain, according to Trend Micro senior security advisor Rik Ferguson.
The malicious site then pulls up the real Facebook log-in page to prompt users to enter their details again.
The notifications appear to come from a dubious sounding app called 'sex sex sex and more sex!!!' which has over 287,000 users signed up already, said Ferguson. He warned users to always check the URL of a site in the browser bar before entering sensitive information.
"Also check the true destination of a link before clicking it by hovering your mouse pointer over it. If it looks suspicious, don't click it," he wrote in a blog post. "Also, if you're a Facebook user, now would be a good time to review your privacy settings and clear out any applications you no longer use."
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago