Facebook, the world's largest social networking site with over 200 million users, is an attractive target for hackers and cyber criminals. Unsurprisingly, the site has been increasingly under attack in recent months. The latest attack comes in a cohesive phishing assault designed to lure Facebook's users to unwittingly give up their passwords.
The attack began earlier this month, when hackers gained access to a handful of users accounts. From there, they used the compromised accounts to send out emails to other users, posing as a friendly message and asking them to click a link. Users clicking the link were taken to a page that looks like Facebook's login page. The users would then think that their account had logged out, and give the hackers' page their username and password.
The malicious domains include www.151.im, www.121.im and www.123.im.
The ploy proved successful, and a growing number of accounts began sending out the phishing messages over Facebook's messaging system. Facebook spokesman Barry Schnitt says that the site is currently trying to block all the compromised accounts and clean up the mess. He declined to say precisely how many accounts had been compromised.
Facebook believes that the attacks were geared to gain access to a large number of accounts to use as spammers, sending out advertisements for pharmaceuticals and other popular spam fodder. They also believe the hackers were considering using the compromised account information to engage in identity theft.
A similar attack against Facebook had occurred just a few weeks ago, and both attacks serve as evidence that the hackers are growing increasingly bold and organized. Last year, Facebook was targeted by a similar scheme, which spread a Trojan malware called Koobface (a reference to Facebook).
Facebook users are urged to never click links from friends, unless they're entirely sure of their authenticity. Further, users should physically retype Facebook's web address into their web browser's address bar if logged out, rather than typing in their information on a redirect page.