Facebook neutralizes phishing attack

Facebook said Thursday it has put the brakes on a phishing wave that was trying to dupe members into divulging their login credentials.

During the past two days, phishers sent messages to Facebook users that appeared to come from their "friends." However, the scammers actually had hacked those accounts, giving them the ability to send messages and impersonate the victim.

The emails they sent contained links to two sites -- fbstarter[com] or fbaction[net] -- that were designed to mimic the actual Facebook login screen, company spokesman Barry Schnitt told SCMagazineUS.com on Thursday. The crooks were trying to get recipients to give up their username and password to access Facebook.

Once Facebook learned of the attack, it blocked the scammers' content from being shared on Facebook, and the company changed the passwords on those profiles that had been sending the bogus messages.

"The passwords they've stolen are no longer valid [on Facebook]," Schnitt said. But, he added, the fraudsters may try to use the stolen goods on other websites, where individuals may use the same credentials as they do on Facebook.

Jamie Tomasello, abuse operations manager at message security firm Cloudmark, said the phishing campaign could just as easily have been pushing links to malware-serving websites that were trying to, for example, trick users into downloading a trojan disguised as a plugin to view a video.

"The more users depend on social networking sites as a trusted source of communication, the more fraudsters are going to abuse it," Tomasello told SCMagazineUS.com on Thursday.

Schnitt said users should be on the lookout for similar scams. He reminded users that Facebook rarely logs them out, so they would not always have to re-enter their login details. In addition, when prompted for a username and password, users should look at the address bar to ensure they are at the legitimate site.

Schnitt said he did not know how many people fell victim. Facebook boasts as many as 200 million active users.