Fake Facebook Login Phishing Scam
Summary:Messages attempt to lure Facebook users into logging into bogus Facebook lookalike sites such as fbstarter.com (
Full commentary below).
Example:(Collected online, April 2009)
Subject: Look at this
fbstart.com
Commentary:
Users of social networking website Facebook have been receiving messages like the one above that are designed to trick them into providing their Facebook login details to Internet criminals.
Those who click on the link in these messages will be taken to a bogus website designed to look like a genuine Facebook login page. The bogus sites have domain names such as "fbstarter.com" and "fbaction.net". If a user logs in to one of the fake pages, his or her Facebook account details can then be collected by scammers. Armed with this information, the scammers can then logon to their victim's real Facebook account, steal personal information and use the account for fraudulent purposes such as spamming or sending further scam messages.
At the time of writing "fbstarter.com" and "fbaction.net" had been reported as phishing sites and were no longer active. However, other fake Facebook sites are likely to follow. Facebook users should be very careful that they only logon to the genuine Facebook website.
References:
New Phishing Attack Spreading On Facebook.
Last updated: 1st May 2009
First published: 1st May 2009
Write-up by Brett M. Christensen