Threat Level: green Handler on Duty: Remco Verhoef

SANS ISC: Facebook Phishing attack -- Don't go to fbaction.net - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Facebook Phishing attack -- Don't go to fbaction.net

Matthew writes in to tell us about an article posted over on TechCrunch about a Phishing Attack that is "underway at Facebook."

This Phishing attack is an email that has the subject "Hello"  (First off, if you receive an email that has a subject of "Hello", and that's all...  immediately suspect for nonsense.  I used to get a ton of these at one point, because I belonged to a website where people would post via a webpage, and this webpage had no spam protections, so the most common Subject was "Hello".  It got so bad, I used to send all Emails with simply the subject "Hello" to /dev/null.  (Yes, it was *that bad*.) Anyway, I digress.)

The phishing attack with read something like ""YOURFRIEND" sent you a message" with a link to go click on and read what your "friend" wrote.

The link instead sends you off to fbaction.net (Don't go there.)  Where the page looks like the Facebook login page and they are hoping you will type in your credentials.  Farily simple phish, so keep your eyes open.

Original article here.  Thanks Matthew!

-- Joel Esler | http://www.joelesler.net | http://twitter.com/joelesler

Joel

454 Posts
ISC Handler
\"fbstarter.com\" is also being used, with the subject \"look at this!\"
Anonymous

Sign Up for Free or Log In to start participating in the conversation!