IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Facebook confirms ‘Fakebook’ phishing attacks

A rapidly spreading phishing worm has been hitting Facebook users, looking for usernames and passwords.

Facebook logo

Facebook has confirmed reports that it has been targeted by phishing attacks over the past couple of days.

According to reports, messages linking to the websites fbstarter.com or fbaction.net were spreading fast through the social network.

Security firm Websense describes one of the phishing lures in 'fbstarter', which arrives in a user's Facebook inbox or is forwarded to their email inbox if forwarding has been configured.

The message contains a link that redirects the user to a Facebook phishing page imitating the real site's sign-in page.

Once they've entered their username and password, that's enough for an attacker to log into an account and spam a user's friends.

"Remember never to click on links in suspicious emails or messages and to only log in from legitimate pages with the Facebook.com domain," Facebook Security said in a wall post.

"You should make sure that your Facebook password is different from the passwords you use for other online accounts."

Facebook uses MarkMonitor to help protect users against phishing attacks, and recently expanded the deal to help protect against malware attacks.

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Recommended

Facebook business accounts hijacked by infostealer malware campaign
Security

Facebook business accounts hijacked by infostealer malware campaign

26 Jul 2022
Meta begins encrypting Facebook URLs, nullifying tracking countermeasures
privacy

Meta begins encrypting Facebook URLs, nullifying tracking countermeasures

19 Jul 2022
EU inches closer to blocking Meta from sending personal data to US
Policy & legislation

EU inches closer to blocking Meta from sending personal data to US

8 Jul 2022
Meta hit with €17 million fine over multiple GDPR breaches
data protection

Meta hit with €17 million fine over multiple GDPR breaches

16 Mar 2022

Most Popular

Cyber attack on software supplier causes "major outage" across the NHS
cyber attacks

Cyber attack on software supplier causes "major outage" across the NHS

8 Aug 2022
Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022