Earlier this morning I was asked to check out what appeared to be another Facebook phishing attack, as detailed here.
Sure enough, a domain registered a couple of days ago is being used to harvest Facebook login credentials from unsuspecting users. Messages appear to have been sent to users from the application “sex sex sex and more sex !!!”.
The application appears fairly dubious, though with well over 20,000 weekly users, many seem to have happily used it.
Within the sent messages, there is a link to a fake Facebook login page, hosted on a domain that was registered just a couple of days ago, as its WHOIS record shows:
Registered through: GoDaddy.com, Inc. (http://www.godaddy.com)
Domain Name: FUCABOOK.COM
Created on: 15-Aug-09
Expires on: 15-Aug-10
Last Updated on: 15-Aug-09
The phish page pretty much mirrors Facebook, as you would expect.
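As an added example (not code from the original post), the two signals described above, a registration date only days old and a name close to the real brand, can be checked from a WHOIS record in the format quoted here. The observation date of 17 August 2009, the thresholds and the function names are assumptions.

```python
from datetime import date, datetime

# WHOIS excerpt in the registrar format quoted in the post.
WHOIS_TEXT = """\
Registered through: GoDaddy.com, Inc. (http://www.godaddy.com)
Domain Name: FUCABOOK.COM
Created on: 15-Aug-09
Expires on: 15-Aug-10
Last Updated on: 15-Aug-09
"""

def parse_whois(text):
    """Return the 'Key: value' lines as a dict with lower-cased keys."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and value.strip():
            fields[key.strip().lower()] = value.strip()
    return fields

def edit_distance(a, b):
    """Levenshtein distance using two rows of the DP table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def assess(whois_text, brand, seen_on, max_age_days=30, max_distance=3):
    """Flag a domain that is both newly registered and close to a brand name.

    max_age_days and max_distance are assumed thresholds, not from the post.
    """
    fields = parse_whois(whois_text)
    domain = fields["domain name"].lower()
    label = domain.split(".")[0]
    created = datetime.strptime(fields["created on"], "%d-%b-%y").date()
    age = (seen_on - created).days
    distance = edit_distance(label, brand)
    lookalike = 0 < distance <= max_distance  # distance 0 is the brand itself
    return {"domain": domain, "age_days": age, "distance": distance,
            "suspicious": lookalike and 0 <= age <= max_age_days}

if __name__ == "__main__":
    # Assumed observation date: two days after the creation date above.
    print(assess(WHOIS_TEXT, "facebook", date(2009, 8, 17)))
```

Neither signal is conclusive on its own: plenty of legitimate domains are new, and plenty of old ones resemble a brand, so the check only flags the combination.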
Remember, only log into online services by using your own bookmarks or by typing in the URL manually. Do not trust links in emails or messages. Also, for those who use Facebook, take care with which applications you choose to use/trust. Maybe it's time to review your privacy and application settings?