Home : Security : News

Facebook confirms ‘Fakebook’ phishing attacks

A rapidly spreading phishing worm has been hitting Facebook users, looking for usernames and passwords.

By Asavin Wattanajantra, 1 May 2009 at 11:18

Facebook has confirmed reports that it has been targeted by phishing attacks over the past couple of days.

According to reports, messages linking to the websites fbstarter.com or fbaction.net were spreading fast through the social network.

Security firm Websense describes one of the phishing lures in 'fbstarter', which arrives in a user’s Facebook inbox or is forwarded to their email inbox if forwarding has been configured.

The message contains a link that redirects the user to a Facebook phishing page imitating the real site’s sign-in page.

Once they’ve entered their username and password, that’s enough for an attacker to log into an account and spam a user’s friends.

"Remember never to click on links in suspicious emails or messages and to only log in from legitimate pages with the Facebook.com domain," Facebook Security said in a wall post.

“You should make sure that your Facebook password is different from the passwords you use for other online accounts.”

Facebook uses MarkMonitor to help protect users against phishing attacks, and recently expanded the deal to help protect against malware attacks.

Email to a friend

Print this page

< Previous Security : News Next >

Be the first to comment on this article

You need to Login or Register to comment.

Latest Security Analysis & Insight

Who to trust after the VeriSign hack?

Davey Winder questions what data was stolen from VeriSign and wonders why the company hasn't been more forthcoming.

More Security Analysis & Insight

Latest Security Reviews

Check Point 2210 Appliance review

Rating:

Check Point's new 2200 Appliances combined enterprise level network security with an SMB price tag. Its software blades provide a wealth of features, but do they complicate deployment? Read this exclusive review to find out.