Phishers Target Facebook Again

[Damiano]

Facebook survived two malware attacks this week that tried to phish for users' login information. Facebook will expand its use of MarkMonitor AntiFraud Solutions to fight phishing attacks, the companies announced as the site was under attack.

The phishing scam tried to lure users into clicking a link in the messages inbox, which would take them to an external Web site that allowed the hackers to access their password.

Facebook supplements its own security tools with MarkMonitor's security tools and services, which provide around-the-clock monitoring and prevention, as well as site shutdowns, forensic reporting, and a rapid-response network. Panda Security provides detection and analysis of malware.

[Elbanco]

The site has come under siege this week by FBaction.net, which has delivered messages among Facebook friends, telling them to check out a link. The link takes users to a fake Facebook page requiring users to login with their Facebook user names and passwords.

Facebook has given MarkMonitor the domain name for placement on a blacklist. The social networking site also is trying to disable user access to the servers. Employees are resetting passwords of those who have been affected. Finally, Facebook said it will pursue legal action against the owners of FBaction.net.