Infosecurity

Phishers Hit Facebook with scam messages

By Alice Kok | 30 April 2009

Facebook users were hit yesterday (29th April 2009) with a phishing attack that tried to steal names and passwords from users of the popular social networking site.

View photos

Related Categories

• INFOSECURITY

From this Section

• NEWS

In the attack, people are sent phoney e-mail messages, appearing to come from Facebook, that try to send them to a malicious Web site, Fbaction.net, which looks like a Facebook log-in page.

The Fbaction.net Web site was live Wednesday afternoon, but Facebook is working to blacklist the domain and hoping to have the site shut down. The company said in a statement: “We are aware of this phishing domain and have already begun to take action.”

“Our user operations team has blocked the domain from being shared on Facebook and is removing the content retroactively from any messages. They will also be resetting passwords of senders to remove access from an attacker. We’re also reaching out to the ISPs to get information and will attempt to build a civil and/or criminal case against the owners.”

Victims of the attack are being sent a message with the Subject line “Hello,” that appears to come from a friend. The message simply invites the victim to visit a URL that redirects the victim to the Fbaction.net web site.

Victims of the phishing attack are given several warnings. The first comes when they click on the link in the original message and are redirected away from Facebook’s web site. Another warning pops up after users enter their name and password on the phishing site and are redirected back to Facebook. This second warning advises victims to change their password.

The Fbaction.net web site does not attack the victim’s computer, but only tries to collect log-in information.