Facebook phising using Belgium (.be) domains

This is not new or exciting, but as we have received several reports during the weekend (thanks to all that wrote in - Kevin, Mike, Rick), you all should know what is going on. It seems a new Facebook phising/spam/"worm" campaign is doing the rounds. It uses Belgium domains (.be) to impersonate the Facebook login page and steal the user credentials.

Some of the malicious domains being used are redfriend dot be, redbuddy dot be, picoband dot be... (at this point, none of them can be resolved).

It's recommended to filter access to all them (and the others coming)!

Raul Siles

Raul Siles

152 Posts
May 24th 2009
I got this in a message on facebook: "wwww whiteflash be". Facebook deleted the message themselves and when I go to the URL Firefox reports it as a forgery.
URL redirectors such as tinyurl have email addresses where said redirects can be shut down, and relatively fast. This isn't true for all of them, but a majority of the public ones have this option.

Sign Up for Free or Log In to start participating in the conversation!