Related News
Hackers launch phishing attack on Facebook users
HACKERS launched an attack on Facebook's 200 million users yesterday, successfully gathering passwords from some of them in the latest campaign to prey on members of the popular social networking site.
Facebook spokesman Barry Schnitt said yesterday that the site was in the process of cleaning up damage from the attack.
He said that Facebook was blocking compromised accounts.
Schnitt declined to say how many accounts had been compromised.
The hackers got passwords through what is known as a phishing attack, breaking into accounts of some Facebook members, then sending e-mails to friends and urging them to click on links to fake websites.
Those sites were designed to look like the Facebook home page. The victims were directed to log back in to the site, but actually logged into the one controlled by the hackers, unwittingly giving away their passwords.
The purpose of such attacks is generally identify theft and to spread spam.
The fake domains include www.151.im, www.121.im and www.123.im. Facebook has deleted all references to those domains.
Schnitt said that Facebook's security team believes the hackers intended to collect a large number of credentials, then use those accounts at a later time to send spam hawking fake pharmaceuticals and other goods to Facebook members.
The site fought off a similar attack two weeks ago, he said.
Privately held Facebook and rival social network MySpace, which is owned by News Corp, require senders of messages within the network to be members and hide user data from people who do not have accounts. Because of that, users tend to be far less suspicious of messages they receive.
Hackers used a phishing attack last year to spread a malicious virus known as Koobface (a reference to Facebook). It was downloaded onto Facebook members' PCs when they clicked on a link sent to them in an email that looked like it had been sent by a friend on Facebook.
Facebook spokesman Barry Schnitt said yesterday that the site was in the process of cleaning up damage from the attack.
He said that Facebook was blocking compromised accounts.
Schnitt declined to say how many accounts had been compromised.
The hackers got passwords through what is known as a phishing attack, breaking into accounts of some Facebook members, then sending e-mails to friends and urging them to click on links to fake websites.
Those sites were designed to look like the Facebook home page. The victims were directed to log back in to the site, but actually logged into the one controlled by the hackers, unwittingly giving away their passwords.
The purpose of such attacks is generally identify theft and to spread spam.
The fake domains include www.151.im, www.121.im and www.123.im. Facebook has deleted all references to those domains.
Schnitt said that Facebook's security team believes the hackers intended to collect a large number of credentials, then use those accounts at a later time to send spam hawking fake pharmaceuticals and other goods to Facebook members.
The site fought off a similar attack two weeks ago, he said.
Privately held Facebook and rival social network MySpace, which is owned by News Corp, require senders of messages within the network to be members and hide user data from people who do not have accounts. Because of that, users tend to be far less suspicious of messages they receive.
Hackers used a phishing attack last year to spread a malicious virus known as Koobface (a reference to Facebook). It was downloaded onto Facebook members' PCs when they clicked on a link sent to them in an email that looked like it had been sent by a friend on Facebook.
- About Us
- |
- Terms of Use
- |
- RSS
- |
- Privacy Policy
- |
- Contact Us
- |
- Shanghai Call Center: 962288
- |
- Tip-off hotline: 52920043
- 沪ICP证:沪ICP备05050403号-1
- |
- 互联网新闻信息服务许可证:31120180004
- |
- 网络视听许可证:0909346
- |
- 广播电视节目制作许可证:沪字第354号
- |
- 增值电信业务经营许可证:沪B2-20120012
Copyright © 1999- Shanghai Daily. All rights reserved.Preferably viewed with Internet Explorer 8 or newer browsers.