WASHINGTON - You put money in the bank to keep it safe, but what you do on Facebook could let cybercrooks drain your bank account.
The Zeus Trojan horse malware program was first detected in 2007, and infected millions of computers through phishing schemes. In May, the malware changed its tactics.
"What's new about Zeus is we're starting to see Facebook used as the method of infection," says Ken Colburn, of the Data Doctors.
Zeus enters your computer when you click on malicious links in Facebook. It then waits for you to type in the address of your online banking page.
"It springs into action and records all your keystrokes, so the remote hackers can steal your access user name and password," says Colburn.
Cyberthiefs are setting up fake Facebook pages, for popular topics like the NFL, and loading the pages with malicious links.
Colburn says the solution is avoid clicking on links from any source you're not familiar with.
Colburn warns against out of the blue Facebook friend requests.
"If you don't have a mutual friend, do not accept it," says Colburn.
Colburn says the malware only attacks Windows-based PCs, so far.
Using Macintosh and mobile devices are a safer option for online banking, says Colburn.
The New York Times reports Facebook is aware of the threat, and reminding users to use anti-malware software.
Follow @WTOP on Twitter.
© 2013 WTOP. All Rights Reserved.