Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the best-selling Take Control ebooks.

 

 

Pick an apple! 
 
Opening a Folder from the Dock

Sick of the dock on Mac OS X Leopard not being able to open folders with a simple click, like sanity demands and like it used to be in Tiger? You can, of course click it, and then click again on Open in Finder, but that's twice as many clicks as it used to be. (And while you're at it, Control-click the folder, and choose both Display as Folder and View Content as List from the contextual menu. Once you have the content displaying as a list, there's an Open command right there, but that requires Control-clicking and choosing a menu item.) The closest you can get to opening a docked folder with a single click is Command-click, which opens its enclosing folder. However, if you instead put a file from the docked folder in the Dock, and Command-click that file, you'll see the folder you want. Of course, if you forget to press Command when clicking, you'll open the file, which may be even more annoying.

Visit Eolake's Blog

Submitted by
Eolake Stobblehouse

 
 

Beware Facebook Phishing Attack!

Send Article to a Friend

I don't use Facebook much, so replying to Facebook messages (which appear in my email) are the main thing that prompts me to log in. However, a message last week, from someone I knew in high school but haven't otherwise spoken to in 25 years, was a bit different from the norm. The message merely said, "Look at this!" and gave a link to "fbstarter.com".

I was suspicious already, since it seemed a bit unlikely that this person would have sent me a message, and the message itself was inexplicable. But, I'm on a Mac, and I have good backups, so I decided to visit the URL. It displayed what looked like a normal Facebook login page, but Firefox hadn't pre-filled my login credentials, and the domain was indeed fbstarter.com, which was just strange. Warning bells were going off in my head, so I immediately closed the page.

After a quick Google search, I discovered that Facebook is being used to send phishing attacks. Neither the fbstarter.com domain nor another domain being used, fbaction.net, is dangerous, but both will try to steal your login credentials so your account can be used to launch future attacks. If you use the same login credentials on other sites, I strongly encourage you to change your passwords on those sites as well.

I suspect that the initial attack vector was purely through forged email, but once accounts had been compromised, the attacks were launched through Facebook itself; the one I received certainly came through Facebook.

Facebook has released a statement saying that they're blocking the fbaction.net domain from being shared on the site (I couldn't use that domain in a comment to the sender of the message), removing referring content, and resetting passwords of senders so the attackers can no longer access those accounts. None of the initial coverage I saw mentioned the fbstarter.com domain, so it appears that the attackers can easily tweak the attack. Now the entire situation may devolve into a game of whack-a-mole, as the attackers come up with new phishing attempts and Facebook blocks them.

The moral of the story? Be very suspicious of messages you receive on Facebook or from Facebook via email. If they contain links that are at all generic or dubious, verify the message with the sender before clicking the links. And if you follow any links that display a Facebook login page but do not have the http://www.facebook.com/ domain in the address bar, do not log in.

 

Fujitsu ScanSnap Scanners — Save your business time and money
with our easy-to-use small ScanSnap Scanner line. Eliminate
paper piles by scanning documents, business cards, and receipts.
Visit us at: <http://www.ez.com/sstb>