

Spear Phishing using Facebook activity - hunterwalk
http://jonathanhstrauss.com/blog/2013/05/spear-phishing-using-facebook-activity/#awesm=570a39088891f4a8024bb68c0abefbff

======
jhstrauss
A commenter on the post just suggested auditing all the apps/sites with which
you've used FB auth. This hadn't occurred to me, and frankly is even more
scary IMHO. In theory, anyone who sufficiently compromises one of those apps
would be able to access any of the permissions you've given the app.

~~~
patio11
Sound advice. If you used someone's side project on HN 3 years ago, and they
e.g. didn't patch Rails in January, they're rooted now, so your Facebook
account is effectively rooted to the limit of all privileges you've granted.
(That assumes you trust the Facebook security model for app permissions.)

------
maxmcd
I've been getting very similar emails recently, but assumed that one of my
friends' Gmail accounts had been compromised. However, this makes a lot more
sense. The fake emails have been sent from the names of people who are most
active on my Facebook posts.

~~~
lotharbot
I've seen the same phenomenon. It's been maybe 3 or 4 names, including one
person with whom my only online interaction has been through Facebook. They're
from very different circles of friends, so they wouldn't have interaction with
each other except potentially through me.

All of the names were people I interacted with quite a bit one particular
week, maybe back in August or so. I suspect we all ended up commenting on or
liking the same item, probably something that had been initially posted with a
privacy setting of "everybody", which would've shown up in my feed in
response to one friend's activity and then my other friends' feed in response
to my activity.

If only I could identify what post, activity, or item all of those friends had
in common...
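The question lotharbot ends on (which item did all of the spoofed names interact with in the same week?) is a small correlation job once you have an export of your own activity. The script below is an added example and not code from the blog post or from any commenter: it takes a constructed interaction log (friend, item, the item's privacy setting, timestamp), a set of the names that appeared on the phishing mails, and a window size, and returns the items on which every one of those names interacted within one window. The "everybody" privacy label, the record layout and the names are assumptions chosen for illustration; Facebook's real export format differs and would need its own parser.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample data for the example (not taken from any real account).
# Each record: (friend_name, item_id, privacy_setting_of_item, timestamp).
# "everybody" marks a public post, the case the commenter suspects leaked the
# social graph to whoever built the phishing list.
SAMPLE_LOG = [
    ("alice", "post-1", "everybody", "2012-08-06T09:12"),
    ("bob",   "post-1", "everybody", "2012-08-06T13:40"),
    ("carol", "post-1", "everybody", "2012-08-07T21:05"),
    ("dave",  "post-1", "everybody", "2012-08-08T08:00"),
    ("alice", "post-2", "friends",   "2012-08-06T10:00"),
    ("bob",   "post-2", "friends",   "2012-08-07T10:00"),
    ("carol", "post-3", "everybody", "2012-07-01T12:00"),
    ("dave",  "post-3", "everybody", "2012-08-30T12:00"),  # same item, weeks apart
    ("erin",  "post-4", "everybody", "2012-08-06T11:00"),
]


def _parse(ts):
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M")


def items_in_common(log, suspects, window_days=7):
    """Return items on which every name in `suspects` interacted within
    `window_days` of each other, as (item, privacy, first_date, last_date).

    A friend who interacted with the item only outside the window does not
    count, so two people who liked the same post months apart (post-3 above)
    are not reported unless the window is widened.
    """
    suspects = set(suspects)
    by_item = defaultdict(list)   # item -> [(timestamp, friend)] for suspects only
    privacy = {}
    for friend, item, priv, ts in log:
        privacy[item] = priv
        if friend in suspects:
            by_item[item].append((_parse(ts), friend))

    window = timedelta(days=window_days)
    hits = []
    for item, events in by_item.items():
        # Cheap pre-check: every suspect must appear on the item at all.
        if {f for _, f in events} != suspects:
            continue
        events.sort()
        # Slide a window starting at each event; the first window that contains
        # all suspects is the shared burst of activity we are looking for.
        for i, (start, _) in enumerate(events):
            in_window = [(t, f) for t, f in events[i:] if t - start <= window]
            if {f for _, f in in_window} == suspects:
                last = in_window[-1][0]  # events are sorted, so this is the latest
                hits.append((item, privacy[item],
                             start.date().isoformat(), last.date().isoformat()))
                break
    return sorted(hits)


if __name__ == "__main__":
    spoofed = {"alice", "bob", "carol", "dave"}
    for item, priv, first, last in items_in_common(SAMPLE_LOG, spoofed):
        print(f"{item}: privacy={priv}, all {len(spoofed)} names active {first}..{last}")
```

Items whose privacy is "everybody" are the ones worth looking at first, since a public post exposes the commenter list to anyone, not just to friends; a "friends"-only hit would instead point at a compromised friend account or app, which is the scenario jhstrauss and patio11 discuss above.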

