Phishers Pretending as Facebook Security Team in a Recent Fake E-mail Scam

Security experts at the Internet Security firm Sophos have recently acknowledged a new phishing e-mail, wherein attackers apparently are pretending as the security team of Facebook.

The fake e-mail notifies users that their account has been permanently shut down, and will not be reactivated since they have not responded to a previous notification. The e-mail tries to convince users into clicking on the link to verify their account, in case they feel that they have not desecrated any terms of the social networking website. The e-mail attempts to create hurry by fixing a time period of 12 hours for account verification on the given link.

Users of the famous social networking website, who gets victimized to the scam and click on the link, are directed to a bogus, but apparently authentic webpage, wherein they are asked to furnish their personal information.

As per Sophos, usage of the official Facebook images is purely intentional and is designed to scam the innocent users into believing that they are sharing their private information with the Facebook's Security team. Nevertheless, the URL of the bogus link starts with a prefix and has a spelling error, which could be identified by an alert Internet user.

Commenting on the whole matter, Graham Cluley, Senior Technology Consultant at Sophos stated that, cybercrooks could utilize the information to hack users' Facebook account, or dispatch further malicious attacks straight away to their e-mail ids. He further added that, users should always protect their passwords and other private information and never reveal it to anyone on the internet, as reported by Naked Security on July 3, 2011.

Cluley suggested users to not to click on the links enclosed in the scam e-mail.

Facebook's actual security team has supposedly been notified regarding the above mentioned phishing attack and it is expected that they will immediately shut it down.

Conclusively, this is not the first incidence, wherein Facebook users have been scammed by phishing attacks. Previously also, earlier this year (2011), messages were circulating that as the social networking website had become too slow, the website was considering shutting down all the inactive accounts, which was also fake.

Related article: Phishers Expand Their Sphere of Attacks

» SPAMfighter News - 7/11/2011