Scammers are posing as Facebook security in chat sessions to try to trick people into providing their credit card information, Kaspersky Lab warned today.
"This Facebook phishing attack is pretty interesting because it does not just try to trick the victim into visiting a phishing Web site. It will reuse the stolen information and login to the compromised account and change both profile picture and name," writes David Jacoby, a Kaspersky Lab Expert, in a blog post.
"The profile picture will be changed to the Facebook logo and the name will be translated to 'Facebook Security'," he wrote.
After an account has been compromised, the scammers will use it to send out an instant message to the victim's contacts pretending to be Facebook Security, according to Jacoby. The message says "Last Warning: Your Facebook account will be turned off Because someone has reported you. Please do re-confirm your account security by:" and it provides a URL ending in ".vu" for the recipient to visit, he said.
The link redirects to a Web site that is made to look like a Facebook page and it prompts the visitor to provide name, e-mail, password, security question, e-mail account password, country and birth date, the blog post says. After that information is provided, another page appears with a heading "Payment Verification" that asks for the first six digits of the person's credit card. A subsequent page then asks the visitor to verify the information by providing the full credit card number, expiration date and security code as well as billing address, Jacoby wrote.
A Facebook spokesman said the company was looking into the report and provided this statement:
Meanwhile, there's another scam going on, this one involving e-mails, that's leveraging the Facebook brand. Scammers are sending e-mails purportedly from Facebook founder Mark Zuckerberg that claim that the recipients have won an iPad or iPhone as part of a special promotion sponsored by Facebook and Apple. The recipients are then directed to a page that asks for personal information and tricks them into agreeing to a small charge for participating in the offer.