Facebook hit by fresh phishing attacks

Facebook has been hit by phishing attacks that attempted to lure users into revealing their login details.

 

The messages were sent to users that appeared to come from their friends, although it was revealed that scammers had hacked those accounts to gain the ability to send messages and impersonate the victim.

 

The messages linked to two sites hosted at fbstarter.com and fbaction.net that resembled the Facebook login screen. Facebook reportedly blocked the content from being shared on its website and encouraged users to change their passwords.

 

In a message on the Facebook security page, it claimed that ‘a couple [of] new phishing sites have popped up over the last day. Remember never to click on links in suspicious emails or messages and to only log in from legitimate pages with the facebook.com domain.'

 

It advised users to ‘make sure that your Facebook password is different from the passwords you use for other online accounts'.

 

Websense Security Labs claimed that the message arrived in a user's Facebook inbox, and users who configured forwarding in their Facebook settings found the message appeared in their email inbox.

 

It warned user to always be suspicious of messages that contain links. It said: “This pertains not only to emails, but to any messages that you receive on the internet. Treat these messages with caution, even if they come from friends' addresses. Social networking has opened the gates for attackers to take advantage of the transitive trust that exists in social networking platforms like Facebook.

 

“To the credit of the Facebook security team, they have been quick to issue a statement and block further messages that attempt to spread any known offending URL. Attempting to send a message in Facebook that contains the known URLs results in an error message.”

 

 

 

 

Sign up to our newsletters