Facebook confirms ‘Fakebook’ phishing attacks
A rapidly spreading phishing worm has been hitting Facebook users, looking for usernames and passwords.
Facebook has confirmed reports that it has been targeted by phishing attacks over the past couple of days.
According to reports, messages linking to the websites fbstarter.com or fbaction.net were spreading fast through the social network.
Security firm Websense describes one of the phishing lures in 'fbstarter', which arrives in a user's Facebook inbox or is forwarded to their email inbox if forwarding has been configured.
The message contains a link that redirects the user to a Facebook phishing page imitating the real site's sign-in page.
Once they've entered their username and password, that's enough for an attacker to log into an account and spam a user's friends.
"Remember never to click on links in suspicious emails or messages and to only log in from legitimate pages with the Facebook.com domain," Facebook Security said in a wall post.
"You should make sure that your Facebook password is different from the passwords you use for other online accounts."
Facebook uses MarkMonitor to help protect users against phishing attacks, and recently expanded the deal to help protect against malware attacks.
The state of Salesforce: Future of business
Three articles that look forward into the changing state of Salesforce and the future of businessFree Download
The mighty struggle to migrate SAP to the cloud may be over
A simplified and unified approach to delivering Enterprise Transformation in the cloudFree Download
The business value of the transformative mainframe
Modernising on the mainframeFree Download
The Total Economic Impact™ Of IBM FlashSystem
Cost savings and business benefits enabled by FlashSystemFree Download