Facebook again targeted by phishing attacks
Friday, May 15, 2009
Facebook was once again hit by spammers who hacked user accounts to send out spear phishing emails in an attempt to steal user login credentials on Thursday.
A Facebook spokesman told the New York Times Gadgetwise blog that yesterday it was cleaning up spam Wall posts and messages, resetting passwords of affected users and blocking access to malicious websites linked in the phishing messages.
Users reportedly received messages to their accounts that appeared to come from friends, but were sent by spammers from hijacked accounts.
Users who followed the spam links were directed to log back in to the Facebook site, but actually logged into a dummy site controlled by the hackers, giving spammers their passwords. The fake domains included www.151.im, www.121.im and www.123.im.
An unnamed Facebook spokesman told the New York Times the attack "is not widespread and is only impacting a small fraction of a percent of users."
Web security experts said an acceleration of cyberattacks on Facebook has been ongoing over the last several months, due to the huge number of users of the site. Facebook claims it has about 200 million users.
Facebook was hit last Thursday by another spam attack that attempted to get users to download adware onto their computers. It appeared to be the second stage of a phishing attack from the previous week.
Related News:
Conficker still a threat to web security - 3.18.2010
The Conficker worm was by far the most notorious piece of malware in 2009 for several reasons. Not only did it receive media attention and infect more computers than any other strain, according to Katonda, a business technology website, it reminded web security professionals of bygone days when major epidemics were the norm.
Network security update not responsible for crashes - 2.24.2010
Reports of the so-called "blue screen of death" following the installation of the latest Microsoft security update are the result of malware, not a defect in the update.
Botnets and Chuck Norris take aim at network security - 2.22.2010
Last week, word spread of the Kneber botnet compromising more than 2,000 computers worldwide. With the start of a new week comes more malware attacks plaguing the web community. The so-called "Chuck Norris" botnet is attacking routers and DSL modems by guessing commonly used passwords.
Web security company warns of scareware's risk - 2.19.2010
The rise in scareware attacks and cyber criminal behavior in general forced DynaSis, an IT services company, to issue a warning to its users about the threat of fake anti-virus software infecting their computers on Friday.
Age-old trick with brand-new target - 1.18.2010
Cyber criminals have turned to a scam from the early days of the internet to target the growing smartphone market: Trojan phone dialers.
|
