New Facebook Phishing scam found

January 13, 2012 by
Filed under: Computer Security 

Screen shot shows example of message. (credit: Kaspersky Labs)

A new Facebook Phishing scan was detected by the Kaspersky security today. This new threat is being used to not only compromise your login credentials but to also try and steal your credit card information by posing as a notice from Facebook security. The message states that your account may have been hacked and that they need to verify your login information to prevent your account from being closed. The cyber criminals are using the reasoning that you “want to keep you account open” so you will follow the link. (Based on past Facebook scam success, they would be correct in assuming this.) Once the user clicks the link they are taken to a page that looks just like a legitimate Facebook security page as seen below.

Screen shot shows example of message. (credit: Kaspersky Labs)


After the login information is entered the next screen says that the account needs additional verification and to please enter a credit card number so you will continue to be able to purchase Facebook credits.

Screen shot shows example of message. (credit: Kaspersky Labs)

When an account is breached the worm will change the profile picture to the Facebook logo and the contact name to “Facebook Security”, the worm will then attempt to send messages to all of the contacts in your address book posing as the security team and stating that their account will be closed if they do not verify their login information by clicking a link provided.

As a reminder, if so get a popup that looks like this do not click the link. Facebook scams are getting more advanced with every new version so its getting harder to tell the legitimate messages from the fake ones. Be sure to let your Facebook friends know about this so they don’t don’t for it because if they do you may get a message from their compromised account!

Facebook has responded to the notice and has stated that they take security very seriously and are looking into the issue.
Additional Facebook security information can be found here: http://www.facebook.com/security

The original post by Kaspersky can be found here: http://www.securelist.com/en/blog/208193325/Facebook_Security_Phishing_Attack_In_The_Wild


Facebook Twitter Email

Comments

Tell me what you're thinking...