Posts Tagged phishing attacks

By Suzanne Choney

A Facebook e-mail phishing scheme was discovered early Thursday among users of the popular social networking site who may have inadvertently clicked on a fraudulent Web link included in a Facebook message to them.

The bogus link took users out of and away from the real Facebook to a fake Facebook site, where they were asked to log in again, giving their passwords, which may have been captured by those behind the scheme.

Facebook said e-mails with the fake link were blocked within the first few hours of being sent out, and that those who may have fallen for the ruse have had their passwords automatically re-set “so that any data the bad guys have becomes useless very quickly,” said company spokesman Barry Schnitt.

Users who did bite on the phishing lure will receive an e-mail from Facebook notifying them that their passwords have been re-set.

One version of the e-mail went like this: “Richard sent you a message. Subject: Hello. “Check 121.im” with “121.im” as a Web link and fake Facebook page.

The phishing scam grew rapidly because accounts that were compromised “immediately sent out hundreds of messages, all with the same content, with the same link,” Schnitt said. He said it is “too early to tell” how many of Facebook’s 200 million users were affected by the scam.

Read the rest of this entry »