×
We have made updates to our Privacy Policy to reflect the implementation of the General Data Protection Regulation.
New Facebook Phishing Scam Harvests Passwords
 

New Facebook Phishing Scam Harvests Passwords

Friday Mar 11th 2011 by Kara Reeder

The ruse uses a recently announced messaging product that gives Facebook users an opportunity to own an @facebook.com e-mail address as a lure.

M86 Security is warning of a new Facebook phishing scam that attempts to harvest log-in credentials, reports v3.co.uk.

According to an M86 blog post, the ruse uses a recently announced messaging product that gives Facebook users an opportunity to own an @facebook.com e-mail address as a lure. The scam tries to trick users into registering for an @facebook.com e-mail address before someone else gets it, but doing so lets attackers gather log-ins and passwords for the site. M86 explains:

The bit.ly link redirects users to a Facebook App (apps.facebook.com/xxxxxpage), which contains an iFrame that points to a compromised site that is hosting the phishing page ... Once a user clicks Next, their information is sent off to the phishers, their accounts are hijacked immediately and their Facebook status is updated to try to scam their friends/family.

M86 suggests that users visit Facebook's "Account Security" section and select the options that will notify them when a new computer or mobile device has logged into their Facebook account.

Home
Mobile Site | Full Site
Copyright 2018 © QuinStreet Inc. All Rights Reserved