Facebook continues to be plagued with phishing and spam attacks in an attempt to steal passwords.
In a recent attack against Facebook, phishers attempted to steal passwords and names through fake e-mail messages that appeared to have come from Facebook Inc. Included in the fake email messages is a link that redirects users to a phishing website. The malicious website was discovered to be Fbaction.net, which appears to look like a Facebook log-in page.
What does the message look like? Victims of the attack have reported a message that has the subject line "Hello," that appears to have come from a friend on Facebook. Within the message, it invites users to "Visit http://www.facebook.com/l/4253f;http://fbaction.net/" and then redirects them to the malicious Fbaction.net phishing site. Once a user visits the site they are greeted with several warnings and notices to change their password. This is where the scammers are able to retrieve your password.
Facebook is working to blacklist the domain in hopes to shut it down. Facebook is even taking the necessary actions to remove the content from any related messages sent to its users and block the domain from being shared on Facebook. In addition, Facebook will be resetting passwords of senders to remove access from an attacker and working with ISP's to get information for building a criminal or civil case against the malicious site owners.
It is evident that scammers that try to steal passwords from large networks are being sought after. Facebook, among other large social networks, have been attacked before and are not going to let the scammers continue to do so without facing repercussions for their illegal actions.
Will we start to see more crack-downs of attackers against social networks over the internet? It is very possible, as the number of cases continue to increase just as fast as the spread of Swine Flu, we will see social networks such as Facebook, Twitter and MySpace, continue to uphold lawful action against attackers especially if they have been identified.