Facebook Security is the official Facebook page that the site uses to provide user-friendly security information that is particularly relevant to its users. However, it is now being used in phishing attacks.
Spammed messages purportedly from Facebook Security are being sent to Facebook users. According to the message, the user’s account has been found to be suspicious and has been blocked. Facebook Security’s account was either accessed from an unknown location or was abused. The message then asks the user to verify and unblock the account by going to a site that turned out to be a phishing page:
Another way users are targeted are via fake Facebook Security profiles. Many profiles seemed to have been registered by Facebook Security with diacritic marks inserted.
As is in this case, be careful about opening messages and websites, even if they supposedly come from official sources such as Facebook Security. One can see that the messages and websites contained several glaring errors in grammar and punctuation–a common issue for phishing attacks in general, and something that should warn users that the site they’re visiting is not legitimate.
Post from: TrendLabs | Malware Blog – by Trend Micro
Facebook Security Spoofed, Used for Phishing
Full story: TrendLabs | Malware Blog – by Trend Micro
Related Posts
- Facebook used for phishing attacks and open redirects
Recently, at Websense Security Labs, we have seen Facebook being used to
display phishing pages for different services, as well as to redirect
to phishing pages hosted elsewhere. Below are two... - OAuth 2.0 security used by Facebook, others called weak
The OAuth 2.0 API security protocol, used by Facebook and Salesforce.com, may be too easy to crack, critics contend
View full post on Computerworld Security News... - Google+ Project Vs Facebook Safety Features
Today there are many social networks on the internet and everyday new ones are being introduced with new and better features. They have unique and useful features, which makes it easy for users to rem... - Cyber Crooks All Set to Crash the British Royal Wedding
As we have seen with many major events in the past, news of the British Royal Wedding is currently being used by cyber criminals to bolster their spam campaigns and push rogue antivirus software throu... - Spammers Intend to Make You an Easter Bunny
Easter is a Christian holiday centered on the death of Jesus Christ and His subsequent resurrection several days later. Hence Easter is an important holiday for Christians. But what gets associated wi... - Facebook Likejacking, phishing and spam
Last Thursday, I wrote about Facebook Likejacking. Today, similar pages were brought to my attention. They use Likejacking to spread through user profiles using much more aggressive spam techniques.
... - Facebook phishing pages
On 02/13/2011, I found several domains used for Facebook phishing, registered the same day:
securedirectsite.com
directsecuresite.com
securedsitedirect.com
highsecuritydirect.com
securedsitedirect.com... - Another Facebook phishing scam run
Phishing scams in Facebook. It's not new and it's not sophisticated. But they still catch the unwary and they're still happening now, with only minor tweaks in tactics.
End 2010, we saw a run of ph... - Change Your Facebook Account Settings for Better Privacy and Security
Facebook comes up a lot in this blog. Recently I wrote about the Hidden Face of Facebook Security and mentioned a new security feature that will encrypt your session so that you don’t fall victim to a... - The Hidden Face of Facebook Security
Facebook actually does have some exceptionally talented security professionals. They have almost no depth in privacy, but they have real security talent. A part of the problem is that the Facebook cu...
Posted on 30 January 2011. Tags: Facebook, Phishing, Security, Spoofed, used
