From observation, this Cross-Site Request Forgery (CSRF) is becoming so rampant. Most of them come in form of shortened URL and most are spread on social mediae like blogs, Twitter, Facebook, Stumble upon, etc. One needs to be careful on what links are clicked because the resultant effects might be so dangerous before you can tell what action you just took.

Coders also should take a peep at this and see how to protect their applications from being agents of such attacks.


Overview

CSRF is an attack which forces an end user to execute unwanted actions on a web application in which he/she is currently authenticated. With a little help of social engineering (like sending a link via email/chat), an attacker may force the users of a web application to execute actions of the attacker's choosing. A successful CSRF exploit can compromise end user data and operation in case of normal user. If the targeted end user is the administrator account, this can compromise the entire web application.

See more here: https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)

Hmmmn. . .I wrote something on this in 2010. .You can check here http://codename-intrusion..com/2010/10/cross-site-request-forgery-are-your-web.html