JOIN USThe phishing spam is being run through messages which steals sensitive information of Facebook users.
In the attack, messages are circulated with a subject line of “Hello” and a prompt to check out “areps.at” or other URLs ending in “.at”.
The mails with the subject line “Look at This” and links like goldbase.be, greenbuddy.be, silvertag.be and picoband.be lead to some malicious websites, which if visited, could secretly download malware onto computers through a “drive-by download” application.
The URL connectivity, before being blocked, directs the visitor to a fake Facebook page and the mail ID and password are stolen as soon as it is logged in again.
According to All Facebook blog.Facebook, the password in such cases should be changed immediately and the same message should be sent across to one’s Facebook acquaintance.
Stealing passwords
“Whoever is behind the spam has been steadily amassing a large number of e-mail addresses and passwords over the past few weeks,” the blog says.
But Facebook spokesman Barry Schnitt said: “The impact of this attack or the previous ones are not widespread and only impacted a tiny fraction of a per cent of users. “We’ve been updating our monitoring systems with information gleaned from previous attacks so that each new attack is detected more quickly,” he said.
The site has blocked links to the new phishing sites from being shared on Facebook and has added them to the block lists of major browsers. The social networking site is working with partners to have the sites taken down completely, he said, adding Facebook is also cleaning up phony messages and wall posts and resetting the passwords of affected users.
“We believe the bad guys here are phishing an account and then trying those credentials on webmail providers.”