Facebook Phishing

Some colleagues and I talked about this potential threat a few months ago, and it looks like it's finally starting to happen.

Some Facebook users checking their accounts Wednesday found odd postings of messages on their "wall" from one of their friends, saying: "lol i can't believe these pics got posted.... it's going to be BADDDD when her boyfriend sees these," followed by what looks like a genuine Facebook link.

But the link leads to a fake Facebook login page hosted on a Chinese .cn domain. The fake page actually logs the victims into Facebook, but also keeps a copy of their user names and passwords.

Soon after, the hackers post messages containing the same URL on the public "walls" of the users' friends. The technique is a powerful phishing scam, because the link seems to be coming from a trusted friend.


Hackers can use the compromised profiles to host Trojan horses such as key loggers that go on to steal banking passwords and credit card numbers.

And since many people use the same logins and passwords on multiple sites, the hackers can also check if stolen Facebook credentials will log them into eBay or Amazon, for instance.


hanum said…
I couldn't open my inbox and I've got message from FB Team: "We have detected suspicious activity on your Facebook account and have temporarily suspended your account as a security precaution. It is possible that malicious software was downloaded to your computer or that your password was stolen by a phishing website designed to look like Facebook. You can regain control of your account by logging into Facebook and following the on-screen instructions. Please be sure to visit the Facebook Help Center (http://www.facebook.com/help.php) for further information regarding these security issues and let us know if you need assistance". Do you know?

Popular posts from this blog

How to Fix a Jammed Toyota Camry Trunk

Chase Fraud Alert from SMS 28107

Analysis of What Information Angry Birds Collects