- Jan 24, 2011
- 9,378
A new phishing attack is tricking Facebook users into exposing their login credentials by encouraging them to sign for a new @facebook.com email account.
Last November the social networking site announced a new messaging platform that merges email, SMS and Chat into a single "social inbox."
The new feature is being rolled out in stages and users are expected to receive @facebook.com email addresses.
When the time comes people will be asked to choose their username if they don't already have one associated with their account, in which case that one will be automatically used.
However, scammers are trying take advantage of some of the confussion surrounding this new feature and scare users that their desired name will be taken by someone else.
Security researchers from M86 Security warn that there are spam messages circulating around that read :
The links take users to rogue Facebook app pages that display login forms, suggesting that they need to re-authenticate. This is well designed scam where phishers have put in extra effort to avoid raising suspicion.
Therefore, users who end up inputting their login information will get to see a page that really asks them for their desired @facebook.com email address and after they provide it, they are taken to a congratulations page.
More details - link
Last November the social networking site announced a new messaging platform that merges email, SMS and Chat into a single "social inbox."
The new feature is being rolled out in stages and users are expected to receive @facebook.com email addresses.
When the time comes people will be asked to choose their username if they don't already have one associated with their account, in which case that one will be automatically used.
However, scammers are trying take advantage of some of the confussion surrounding this new feature and scare users that their desired name will be taken by someone else.
Security researchers from M86 Security warn that there are spam messages circulating around that read :
The links take users to rogue Facebook app pages that display login forms, suggesting that they need to re-authenticate. This is well designed scam where phishers have put in extra effort to avoid raising suspicion.
Therefore, users who end up inputting their login information will get to see a page that really asks them for their desired @facebook.com email address and after they provide it, they are taken to a congratulations page.
More details - link
