Threat Level: green Handler on Duty: Daniel Wesemann

SANS ISC: Facebook Phishing attack -- Don't go to fbaction.net SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Facebook Phishing attack -- Don't go to fbaction.net

Matthew writes in to tell us about an article posted over on TechCrunch about a Phishing Attack that is "underway at Facebook."

This Phishing attack is an email that has the subject "Hello"  (First off, if you receive an email that has a subject of "Hello", and that's all...  immediately suspect for nonsense.  I used to get a ton of these at one point, because I belonged to a website where people would post via a webpage, and this webpage had no spam protections, so the most common Subject was "Hello".  It got so bad, I used to send all Emails with simply the subject "Hello" to /dev/null.  (Yes, it was *that bad*.) Anyway, I digress.)

The phishing attack with read something like ""YOURFRIEND" sent you a message" with a link to go click on and read what your "friend" wrote.

The link instead sends you off to fbaction.net (Don't go there.)  Where the page looks like the Facebook login page and they are hoping you will type in your credentials.  Farily simple phish, so keep your eyes open.

Original article here.  Thanks Matthew!

-- Joel Esler | http://www.joelesler.net | http://twitter.com/joelesler

Joel

454 Posts
Apr 29th 2009
\"fbstarter.com\" is also being used, with the subject \"look at this!\"
Anonymous

Sign Up for Free or Log In to start participating in the conversation!