Issue 117 - August 2011 - Page 19
Alert From Facebook Security Team Phishing Scam
A message purporting to be from the Facebook Security Team claims that the recipient’s Facebook account may have been compromised and that he or she must follow a link to verify account details within 12 hours or risk having the account permanently suspended.
The message is a phishing scam designed to steal Facebook and webmail account login details and other personal information from recipients. Note that there are several versions of these scam messages currently being distributed. The wording of the messages may vary.
Detailed analysis and references below example.
Last updated: 30th June 2011
First published: 30th June 2011
Article written by Brett M. Christensen
Subject: Did you log into Facebook from somewhere new?
Dear [Username removed]
Your Facebook account was recently logged into from a computer, mobile device or other location you've never used before. We have reviewed your account activity, and we get information about possible unauthorized access to your Facebook. We have provided a warning to you via email, but you do not respond to our notification.
“Your account was accessed from a new location : Anonymous Proxy.”
If you are not signing into your Facebook account from "Anonymous Proxy", your Facebook account may have been compromised. We recommend immediately verify your account by carefully on the link below to protect your Facebook account. It may take a few minutes of your time to complete your data.
Please be sure to visit the Facebook Service Account for further information regarding these security issues.
[link to scam page removed]
Note : If within 12 hours, you have not verified your account, then you have ignored our notifications. Therefore, your account is permanently suspended, and will not be reactivated for any reason.
Facebook Security Team
This message, which purports to be from the “Facebook Security Team”, warns the recipient that his or her Facebook account may have been compromised. According to the message, the account was recently logged into from a computer, mobile device or other location that the user has not previously used, and the account was therefore flagged because of possible unauthorized access. The message urges the recipient to click a link in order to verify the account. It also bluntly warns that, if the verification is not completed within 12 hours, the recipient’s Facebook account will be “permanently suspended, and will not be reactivated for any reason”.
However, the message is certainly not an official Facebook security notification. Instead, it is a phishing scam designed to steal personal information from users. Users who fall for the ruse and click the link in the message will be taken to a bogus Facebook page where they are asked to enter their Facebook login details along with other personal information, as shown in the following screenshot:
Once they have entered the requested information, they are then presented with a second fake form that asks them to provide their webmail login details:
Finally, users are presented with yet another page that informs them that the verification process is complete:
In reality, all of the information entered into the bogus forms can be collected by Internet criminals. Armed with this information, the scammers are able to hijack both the Facebook account and the webmail account used by their victim and use these hijacked accounts to conduct further fraudulent activities. They may also be able to use other private information collected on the bogus forms along with information stolen from within the hijacked accounts to steal their victim’s identity and commit credit card fraud.
Be very cautious of any message that asks you to follow a link to verify account information, even if it looks like a genuine Facebook message and the link leads to a page that looks like the genuine Facebook website. Always log in to your Facebook account directly via your web browser rather than by following a link in an email.
Note also that there are several versions of these scam messages currently being distributed. The actual wording of the messages may vary somewhat from the example shown above.
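The traits described above (a short deadline, a suspension threat, a request to verify via a link, and a link that does not actually point at Facebook) can be checked mechanically. The following is an added example, not part of the original article; the sample message and its URL are constructed, and treating only facebook.com and its subdomains as genuine is an assumption.

```python
import re
from urllib.parse import urlsplit

# Assumption: only facebook.com and its subdomains count as genuine.
TRUSTED_DOMAIN = "facebook.com"

# Pressure phrases taken from the scam message quoted in the article.
PRESSURE_PATTERNS = {
    "deadline": re.compile(r"within\s+\d+\s+hours", re.I),
    "suspension_threat": re.compile(r"permanently\s+suspended", re.I),
    "verify_request": re.compile(r"verif(y|ied|ication)\s+(of\s+)?your\s+account", re.I),
}
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)

# Constructed sample: wording follows the quoted scam, the URL is a placeholder.
SAMPLE_SCAM = """We recommend immediately verify your account on the link below.
http://facebook.com.security-check.example/verify
Note : If within 12 hours, you have not verified your account, your account
is permanently suspended."""


def host_is_trusted(url, trusted=TRUSTED_DOMAIN):
    """True only if the URL's host is the trusted domain or a subdomain of it.

    Comparing the parsed hostname (not the raw string) rejects lookalikes
    such as 'facebook.com.security-check.example' or 'facebook.com@login.example'.
    """
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    return host == trusted or host.endswith("." + trusted)


def assess_message(body):
    """Return the indicators found in an email body, in a stable order."""
    findings = [name for name, rx in PRESSURE_PATTERNS.items() if rx.search(body)]
    for url in URL_RE.findall(body):
        if not host_is_trusted(url):
            findings.append("untrusted_link:" + (urlsplit(url).hostname or "?"))
    return findings


if __name__ == "__main__":
    for finding in assess_message(SAMPLE_SCAM):
        print(finding)
```

Because the wording of these messages varies between versions, the link-host check is the more durable of the two signals; the phrase patterns only match the variant quoted here.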