Self-XSS (Cross-Site Scripting): Social Engineering Attack and Prevention (Facebook)



What is Self-XSS?
Self-XSS is one of the popular social engineering attacks used by attackers to trick users into pasting malicious code into the web browser. This results in the attacker gaining access to whatever website you are visiting. Usually scammers use this attack to fool users into buying products or to make money through paid surveys.

Recently, hackers attacked Facebook with explicit adult pictures. Facebook says it might be a Self-XSS attack.

JavaScript can be executed from the web browser's URL bar.
For example, enter the following code in your browser:
javascript:alert('BreakTheSecurity');
This will display a pop-up box with "BreakTheSecurity". An attacker can use this for malicious purposes. He can steal private data and cookies, redirect to malware sites, and more.
For example, entering the following code will display the cookies in your browser:
javascript:alert("Cookies:"+document.cookie+"  "+"\n By \n BreakTheSecurity");

The above code does nothing malicious other than displaying the cookies. But an attacker can extend the script so that it steals your data.
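A site that accepts posts or chat messages can flag text like the snippets above before other users are told to paste it. The following is an added example, not code from the original post; the function names and sample strings are constructed for illustration.

```javascript
// Added example; function names and sample strings are constructed.
// URL parsers discard tabs and newlines inside a URL, so "java\tscript:"
// still runs as script. Allow those characters between every letter.
const GAP = "[\\t\\n\\r]*";
const BODY = "javascript".split("").join(GAP) + GAP + ":";

// A scheme cannot continue a longer scheme-like token ("nojavascript:").
const ANYWHERE = new RegExp("(?<![a-z0-9+.-])" + BODY, "gi");
// Leading spaces and control characters are trimmed before parsing.
const AT_START = new RegExp("^[\\u0000-\\u0020]*" + BODY, "i");

// True when the text, pasted into an address bar, would be a javascript: URL.
function isScriptUrl(text) {
  return AT_START.test(text);
}

// Offsets of every javascript: URL start inside a longer message.
function findScriptUrls(message) {
  return Array.from(message.matchAll(ANYWHERE), (m) => m.index);
}

// Constructed samples.
const samples = [
  "javascript:alert('BreakTheSecurity');",
  "  JaVa\tScript:alert(1)",
  "https://example.com/help",
  "Paste this into your address bar: javascript:alert(1)",
];
for (const s of samples) {
  console.log(JSON.stringify(s), isScriptUrl(s), findScriptUrls(s));
}
```

Ordinary prose that contains "JavaScript:" (a book title, for instance) also matches, so treat hits as candidates for review rather than as proof of an attack.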

Security Tips from BreakTheSecurity:
Use the NoScript add-on, which will prevent JavaScript from running in your web browser.
Don't blindly click shortened URLs, for example: bit.ly/55ewEb?22. These may redirect to an infected website.
Be aware of Social Engineering:
If anyone asks you (even if he is your friend) to paste scripts into the browser bar, never make this mistake.
If anyone says "iPhone only $10", don't be eager to click it.
If anyone says "1000 shares will cure a baby", never make this mistake. Facebook shares never help to raise money or to cure a child.
God gave us the sixth sense; use it and think before you click any links or follow others' instructions.