Facebook hit by fresh phishing attacks

News by Dan Raywood

Facebook has been hit by phishing attacks that attempted to lure users into revealing their login details.

Facebook has been hit by phishing attacks that attempted to lure users into revealing their login details.


The messages were sent to users that appeared to come from their friends, although it was revealed that scammers had hacked those accounts to gain the ability to send messages and impersonate the victim.


The messages linked to two sites hosted at fbstarter.com and fbaction.net that resembled the Facebook login screen. Facebook reportedly blocked the content from being shared on its website and encouraged users to change their passwords.


In a message on the Facebook security page, it claimed that ‘a couple [of] new phishing sites have popped up over the last day. Remember never to click on links in suspicious emails or messages and to only log in from legitimate pages with the facebook.com domain.'


It advised users to ‘make sure that your Facebook password is different from the passwords you use for other online accounts'.


Websense Security Labs claimed that the message arrived in a user's Facebook inbox, and users who configured forwarding in their Facebook settings found the message appeared in their email inbox.


It warned user to always be suspicious of messages that contain links. It said: “This pertains not only to emails, but to any messages that you receive on the internet. Treat these messages with caution, even if they come from friends' addresses. Social networking has opened the gates for attackers to take advantage of the transitive trust that exists in social networking platforms like Facebook.


“To the credit of the Facebook security team, they have been quick to issue a statement and block further messages that attempt to spread any known offending URL. Attempting to send a message in Facebook that contains the known URLs results in an error message.”






Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming event 

Webcast: Understanding this year's biggest adversaries - and how to combat them 

Nation-state activity, versatile, slippery strategies and Big Game Hunting - the threats are real, dangerous and ever changing. 
Brought to you in partnership with Crowdstrike