Facebook IM Phishing Scam Found

Over the past few months Facebook has been having some serious problems when it comes to spammers. Despite the company allocating significant resources toward battling spam, it continues to be a serious issue. One of the tricks spammers use most frequently is guiding users to websites that encourage them to enter their Facebook username and password into a login form that looks identical to the Facebook login page.

One such scam, found by BitDefender earlier today, involves instant messages with fake links that redirect users to a site resembling Facebook. One has to wonder which individuals are successfully deceived, considering the message being displayed isn’t really that tricky: “Hey! you have a crush waiting for you on Facebook! See here! [link]”.

Vlad Valceanu of BitDefender commented on the issue, saying that “Users should be cautious of any link sent to them via IM or email. Along with paying close attention to Web site names and likes, it is important for computer users to have an IT security solution installed onto their systems in order to avoid future attacks.” As Facebook continues to surge in popularity, spammers have quickly seized the opportunity to take advantage of the company’s brand recognition.

The bottom line is that no matter what a site looks like, you probably shouldn’t be entering your login into it unless you manually typed in “www.facebook.com”. I can only expect to see more of these scams appear in the coming months.
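The hostname check that this advice amounts to can be automated for links arriving over IM or email. The following is an added example, not code from BitDefender or Facebook: it treats only the two Facebook hostnames named on this page as genuine, and the distance threshold and the sample links are constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: the allowlist is just the two names that
# appear on this page as genuine Facebook hosts.
TRUSTED_DOMAINS = ("facebook.com", "fbcdn.net")
MAX_DISTANCE = 2  # constructed threshold; tune against your own traffic


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def classify(url: str) -> str:
    """Return 'trusted', 'lookalike' or 'unknown' for the host in a link."""
    if "://" not in url:
        url = "//" + url  # a bare "www.example.com" would otherwise parse as a path
    host = (urlsplit(url).hostname or "").rstrip(".")  # hostname is lowercased
    # Match on a label boundary: "xfacebook.com" must not pass as facebook.com.
    for domain in TRUSTED_DOMAINS:
        if host == domain or host.endswith("." + domain):
            return "trusted"
    # Naive registrable domain (last two labels); a production check would
    # consult the Public Suffix List instead.
    registrable = ".".join(host.split(".")[-2:])
    for domain in TRUSTED_DOMAINS:
        if edit_distance(registrable, domain) <= MAX_DISTANCE:
            return "lookalike"
    return "unknown"


if __name__ == "__main__":
    # Constructed sample links; the second host is the one reported in the
    # comments on this post.
    for link in ("http://www.facebook.com/", "www.faceiibook.com",
                 "http://fbcdn.net", "http://example.org/"):
        print(f"{link:32} {classify(link)}")
```

Allowlisting the genuine domains before the similarity test is what keeps a legitimate host such as fbcdn.net from being flagged alongside the lookalikes.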


4 Comments »

  1. The real security threat is the end user, not thinking before they click, or being so naïve and vulnerable that they fall for this stuff. -Jerry

    Comment by Jerry Aulenbach — October 16, 2008 @ 6:12 am

  2. I received a message through facebook chat to tell me someone had posted a picture of me in their blog. The link redirected me to www.faceiibook.com, and looked just like the real thing. I'm lucky I caught the URL and immediately searched it on google. The only result was that of a recent discussion in facebook where people were trying to spread the word. Apparently, it was pretty new.

    Comment by Jarrod — October 16, 2008 @ 6:19 am

  3. Jerry, you're right that it's with the end user…but it's also important that once it's known that the word gets spread out so others don't follow the lead. While Firefox and the latest IE Browser have tools to prevent phishing, by blocking the site…it's more important to educate the users rather than to blame them for being naive and vulnerable.

    Comment by Paul — October 25, 2008 @ 12:35 am

  4. Firefox and Chrome just blocked the Facebook JavaScript domain as a phishing site.

    http://fbcdn.net

    Ouch!

    Comment by Chris Lang — December 3, 2008 @ 12:46 am
