Scary - Facebook Message Points to a Phishing Site

Scary – Facebook Message Points to a Phishing Site

18 aug 2009

There are some rogue applications in the Facebook ecosystem that are trying to harvest your Facebook credentials. You are taking to a phishing site that looks exactly like the Facebook start page.

This is something really scary and could affect your Facebook account as well.

I just got a notification in my profile saying someone has sent me a message on Facebook. As you can see in the screenshot, the notification looks like a real one.

I clicked that link but instead of opening my Facebook Inbox, I was taken to the Facebook login form saying "you must log in to see this page".

The only problem is that this login page is not hosted on facebook.com but fucabook.com (possible a phishing site) and had I not seen the address bar, my Facebook credentials would have easily landed in someone else’s inbox.

The app in question is called Inbox and the bad part is that it is still available in the Facebook Applications directory.

It’s quite possible that the same developer may have created many different Facebook apps with the same purpose so make sure you look at the status bar of the browser before you click any notification messages on Facebook.

Is my Facebook account hacked?

If you see such a notification in your Facebook profiles, it doesn’t necessarily mean that your Facebook account has been hacked. What it means is that one of your Facebook friends added that "rogue" application to his or her Facebook page and that action probably caused this phishing related message to show up in your profile.

http://www.johnpopes.com John Pope

What’s more scary for me is that the invitation comes from “Laurentiu Iulian M. Popa”, a Romanian name, the same country I was born in.

I guess that it’s true what they say about my country being one with the highest thefts in computer industry.
http://www.blogrpro.com BlogrPro.Com

Damn Phishers,

Why are they irritating us like this always?

Good info Amit. Also try to inform this to Facebook team.
http://ad1987.blogspot.com/ Abhisek

Scary, indeed.
http://tndzulo.blogspot.com Joe NDZULO

Hi Amit. Thank you very much for this warning message. There are indeed many apps on Facebook many of which providing the same service, and a times, less vigilent users can easily fall in the traps set by hackers.

May more than one see this post and be careful in using apps on social websites.
http://www.indigic.blogspot.com saurabh

Thanks amit for timely warning..
But the frequency with which these social networking sites like facebook and twitter are being attacked is not a happy sign for future as these sites contain really a large amount of personal data…scary indeed.
http://premiumblogger.net Romel

These lamers should use a server to create a domain like facebook.com to do the job more smartly. It is a pretty old phishing style.
anyway, good post :)
http://www.dkdinkar.blogspot.com Deepak

Thanks for sharing , Amit !
http://imugur.com mugur

The guy is Romanian…
http://activeenglishspeaking.com Maggi

I had to close Activeenglish.biz last year because of hackers who hacked it badly 3 times….so I am deadly scared of anything like that happening again…

Thanks for this warning. I shall be on the alert in future with all I open or even check.
Yes, it is scary

Maggi
Nirav

Hi Amit,
That’s great info.
Facebook developers team would appreciate your input if brought into their notice.
http://www.facebook.com/home.php#/profile.php?id=16827260&ref=name Lynn David

I wonder how many people this affected. What’s fucabook supposed to be anyway? Either way, I’ll definitely be more careful and aware. Thanks Amit, keep the good content coming.

Technology, Software and Internet

Scary – Facebook Message Points to a Phishing Site

You may also like: