An e-mail phishing scam is propagating in France, linking to a fake Facebook website at the domain frfacebook.fr. Phishers have reported used it to successfully steal more than 5,000 Facebook user names and passwords. Predictably, a quick whois check on this domain shows that Facebook is not the owner.
Security Web-Center, which first reported the phishing scam, suggests that potential victims take the following safety steps:
- Change any passwords that were exposed (How to change your Facebook password).
- Contact the institution that was being masqueraded (in this case Facebook.com), and tell them that your personal information has been exposed.
- If the information provided can be used to access other institutions, contact them as well. For example, if your credit card number was exposed, contact your credit card company.
Navigating to this domain results in a warning in Google Chrome (my default browser), but not in Microsoft Internet Explorer 9 (my alternative). Note: I purposefully did not link to this domain in this article because I don't want readers accidentally clicking and logging in. I have reported the website to Facebook in hopes that the company will take action and take it down.
- Facebook Help Center Community Forum overrun with spam
- Facebook virus or account hacked? Here's how to fix it.
- Facebook identifies those behind coordinated spam attack
- Congresswoman to probe Facebook over coordinated spam attack
- Researchers invade Facebook with socialbots, grab 250GB of data
- Facebook Immune System checks 25 billion actions every day