Actually, nice to know that Facebook is reacting quickly and forcefully to this attack. If you saw this one, it’s just a good reminder not to stick in your password without thinking twice, or three times.
Facebook early today suffered its second phishing attack in 24 hours, but the social networking site took swift action to resolve the matter.
Yesterday, attackers worked to lure Facebook members to FBAction.net, a site displaying a bogus Facebook login page that hijacked users’ accounts. Today, a second attack appeared, this time using fbstarter.com.While the creator of the site remains uncertain — the site is registered to “Boris Soroka” in Moscow, according to Whois records, which aren’t necessarily legitimate — Facebook and its security partners are moving quickly to lock things down.
“We’ve already blocked www.fbstarter.com from being shared on Facebook, which stops the spread,” Facebook spokesman Barry Schnitt told InternetNews.com. “Now, we’re deleting that URL from walls and inboxes. We’ve also blocked access to the URL so if someone does find it on Facebook [on their wall, in their inbox, or in an e-mail notification] it won’t send them to the destination. Finally, we’ll automatically reset the password on any account that sent the malicious link. Thus, the data becomes useless to the bad guys very quickly.”
[From Facebook Fights Second Phishing Attack - InternetNews.com]
