By Jack M. Germain TechNewsWorld Part of the ECT News Network
05/15/09 2:50 PM PT
Have you received some odd messages from your friends on Facebook lately? Are they suddenly attempting to sell you pharmaceuticals? Or perhaps you've received a cryptic "Check this out!" followed by a link to a page that looks something like Facebook, only it asks you for your log-in information again? It's a common phishing tactic, and scammers have recently been blanketing Facebook with it.
A new wave of phishing and spamming attacks is hitting Facebook users as scammers attempt to get hold of their passwords, the social networking site acknowledged in a statement.
Similar phishing and spamming scams -- in which messages supposedly from their friends lure victims to a malicious Web site -- have been occurring with greater intensity since the end of April.
The sites typically display a fake, though convincing-looking, Facebook page where users are prompted to input their login information. In addition, spam messages -- supposedly from Facebook friends -- display links to online pharmacies, according to Graham Cluley, senior technical consultant for Sophos.
Facebook is currently attempting to block the links to phishing sites. Site managers are also making efforts to scrub the links from users' Wall posts and reset the passwords of affected individuals.
The attacks are thought to be related to the fbaction.net/fbstarter.com phishing campaign that struck the site a few weeks ago, Facebook said.
"We are generally seeing more and more spamming taking place on social networks -- more than ever before," Sophos' Cluley told TechNewsWorld, "so it's becoming a more common problem."
Why Is Your Friend Acting So Strange?
Sophos has been tracking attacks on online social networks and found that one-third of users reported being spammed through social networks. One in five said they had received phishing attempts on social networks, and about one-third said they had been sent malware on a social networking site, according to Cluley.
To protect themselves from being duped by one or more of these scams, Facebook users need to be on guard. One thing they can do is look closely at messages they receive from apparent friends on Facebook to determine whether they're the normal kinds of messages their friends would send. For instance, suggested Cluley, is a particular friend in the habit of sending a link in a message simply reading, "Check this out"?
Social network users should be suspicious of unusual links and examine where they go. For example, if a link should claim to be for a YouTube video, be sure to look at the URL the link displays to make sure of the location, he said.
"Whenever users enter information on their Facebook page, they should make sure they are really on that page. It can look like Facebook but really be a lookalike site to grab your personal information," Cluley warned.
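The check described above, comparing the host a link really leads to against the site you mean to log in to, can be made mechanical. This is an added example, not part of the original article: it assumes `facebook.com` is the only trusted login domain, and `check_link` and the sample URLs (other than fbaction.net, which Facebook named) are constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: the one site whose password is at stake.
TRUSTED = "facebook.com"
BRAND = "facebook"

def check_link(url):
    """Return (verdict, detail) for the host a link really leads to."""
    try:
        parts = urlsplit(url.strip())
        # .hostname drops any "user@" prefix and the port, and lowercases.
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return ("reject", "malformed URL")
    if parts.scheme not in ("http", "https") or not host:
        return ("reject", "not a web link")
    # Exact match or a true subdomain. A substring or bare suffix test
    # would accept "notfacebook.com" and "facebook.com.example.net".
    if host == TRUSTED or host.endswith("." + TRUSTED):
        return ("trusted", host)
    # From here on the link leads to a different site, however it looks.
    if parts.username and BRAND in parts.username.lower():
        return ("lookalike", "brand placed before '@', real host is " + host)
    if BRAND in host:
        return ("lookalike", "brand embedded in another host: " + host)
    if BRAND in parts.path.lower():
        return ("lookalike", "brand appears only in the path on " + host)
    return ("untrusted", host)

# Constructed sample links, except fbaction.net, which the article names.
SAMPLES = [
    "https://www.facebook.com/login.php",
    "http://www.facebook.com.example.net/login.php",
    "http://facebook.com@example.net/",
    "http://notfacebook.com/",
    "http://example.net/facebook.com/login.php",
    "http://fbaction.net/",
]

if __name__ == "__main__":
    for link in SAMPLES:
        verdict, detail = check_link(link)
        print(f"{verdict:10} {link}  ({detail})")
```

Only the "trusted" verdict means the login form belongs to the real site; every other verdict is a page that should not receive the password.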
Stay Secure
Deploying the latest security patches on one's computer is also essential. In the event a user falls victim to a phishing message, having the latest security patches can guard against malware on a malicious Web site. Otherwise, the result can be nasty downloads installing malicious software for ID theft or other purposes, said Cluley.
"The Facebook staff is actively trying to block these phishing and spam attempts when they see them. They are removing the messages and issuing warnings to people that they are going to a third-party site," he said.
Another thing users can do is run antiphishing software on their computers. Some of these tools are built into Web browsers, and they may be able to warn users about fake sites built to install malware that would allow hackers to take over the computer.
Passwords Matter
About one-third of all computer users use the same password for all of their various log-ins, and a phisher who tricks a user into logging on to a phony Web site will have that universal user password -- and possibly an email address as well. It's like losing your wallet, according to Cluley.
For this reason, Facebook recommends that anyone affected by this phishing attack reset their passwords -- not only for their Facebook profiles, but also for other online accounts such as email services.
In addition, users should be especially vigilant about the names of links they click on. It is not always easy to spot a phony landing page -- the scammers choose different names each time.
"Over the last few days we've seen a URL with 'www' and then a number dot M. There are lots of different disguises the hackers can use," said Cluley.