A new phishing attack targeting Facebook users is rapidly spreading via intriguing wall posts that try to lure people onto a fake page.According to Facecrooks, the wall posts read "Check it out here, Look at you haha:P" and are accompanied by an image from a public event.
This social engineering trick, whose purpose is to pique people's curiosity, is commonly used in attacks on instant messaging applications or social networking websites.
We recently reported about a worm spreading through the Facebook chat feature and luring users with a link that allegedly led to a picture of them.
In this case, the link is made to appear as if it leads to apps.facebook.com domain, but in reality, users get redirected to a page hosted on an external site.
The rogue site is an identical copy to Facebook's login page and makes users think they've been logged out and need to re-authenticate.
Of course, doing so is a very bad idea and will result in their credentials being stolen and used for spam. Hijacked accounts are also used to propagate the phishing scam.
Users who fell victim to this phishing attack should initiate a password reset and should also change their password on other websites, if they used the same one.
After regaining control of their account they should go to the Account Security section, under Account Settings, and kill any rogue sessions listed there.
With around 600 million users, Facebook is a very attractive target for phishers. Even poorly designed scams with a low success ratio can result in thousands of victims.
A Facebook phishing attack analyzed by researchers from Kaspersky Lab in October 2010 made 3,000 new victims every 20 minutes.
People are advised to always double check the browser address bar to make sure they are on a legitimate site before logging in.