Days after a massive spam attack hit Facebook, a new phishing scam has reportedly hit the social networking site. Security firm Sophos Naked Security in its blog claims that the Facebook users are receiving phishing mails, threatening to delete users' account unless they submit valid account details within 24 hours. The blog further says that the phishing messages accuse the users of breaching Facebook's policy guidelines by irking other Facebook users. The messages then seek personal and financial information including credit card numbers from the users of the social networking site.
The phishing e-mails read like this:
“LAST WARNING : Your account is reported to have violated the policies that are considered
annoying or insulting Facebook users. Until we system will disable your account within
24 hours if you do not do the reconfirmation.
Please confirm your account below:
The Facebook Team
Copyright facebook © 2011 Inc. All rights reserved.”
The link mentioned in the phishing e-mails further take the victim to a fake Facebook page, where the users are asked to provide their personal information, which includes log-in details, e-mail id, security answer, credit card details e.t.c.
After completing the first form, the users are directed to another fake Facebook form. According to reports, if users fill up this form, their e-mail and Facebook accounts could be hacked.
In case of filling up the second form, the users are taken to the third page, where the scammers seek credit card details, such as username and first digits of the card.
Facebook users are recommended to be strictly wary of such spam/phishing messages and never provide personal or financial details.
- Facebook hit by a massive spam attack
- Facebook to introduce sponsored stories in its news ticker
- Facebook prepping its own Android-based 'Facebook phone'