Hackers launch Facebook phishing attack

Perpetrators broke into some member accounts and sent messages to friends urging them to click on fake Web sites.

EMAIL  |   PRINT  |   SHARE  |   RSS
 
google my aol my msn my yahoo! netvibes
Paste this link into your favorite RSS desktop reader
See all CNNMoney.com RSS FEEDS (close)

Do you think the changes being made at Chrysler and General Motors will save the companies?
  • Yes, both of them
  • Only GM
  • Only Chrysler
  • Neither

BOSTON (Reuters) -- Hackers launched an attack on Facebook's 200 million users Thursday, successfully gathering passwords from some of them in the latest campaign to prey on members of the popular social networking site.

Facebook spokesman Barry Schnitt said Thursday that the site was in the process of cleaning up damage from the attack.

He said that Facebook was blocking compromised accounts.

Schnitt declined to say how many accounts had been compromised.

The hackers got passwords through what is known as a phishing attack, breaking into accounts of some Facebook members, then sending e-mails to friends and urging them to click on links to fake Web sites.

Those sites were designed to look like the Facebook home page. The victims were directed to log back in to the site, but actually logged into the one controlled by the hackers, unwittingly giving away their passwords.

The purpose of such attacks is generally identify theft and to spread spam.

The fake domains include www.151.im, www.121.im and www.123.im. Facebook has deleted all references to those domains.

Schnitt said that Facebook's security team believes the hackers intended to collect a large number of credentials, then use those accounts at a later time to send spam hawking fake pharmaceuticals and other goods to Facebook members.

The site fought off a similar attack two weeks ago, he said.

Privately held Facebook and rival social network MySpace, which is owned by News Corp. (NWS, Fortune 500) , require senders of messages within the network to be members and hide user data from people who do not have accounts. Because of that, users tend to be far less suspicious of messages they receive.

Hackers used a phishing attack last year to spread a malicious virus known as Koobface (a reference to Facebook). It was downloaded onto Facebook members' PCs when they clicked on a link sent to them in an email that looked like it had been sent by a friend on Facebook. To top of page

Features
They're hiring!These Fortune 100 employers have at least 350 openings each. What are they looking for in a new hire? More
If the Fortune 500 were a country...It would be the world's second-biggest economy. See how big companies' sales stack up against GDP over the past decade. More
Sponsored By:
More Galleries
2015 Mustang's asphalt-peeling power goes modern The new Ford Mustang has been upgraded and updated to compete globally - but never fear, it's still a monster. More
15 top executives with $1 salaries Some CEOs and founders agree to salaries of just $1 a year. But once goodies like bonuses and stock options are added in, some of those executives end up taking home many millions of dollars a year. More
Mercedes SL65 AMG: 621 horses of topless power Turn heads as you blow by traffic in this roadster convertible from Mercedes. More
Worry about the hackers you don't know 
Crime syndicates and government organizations pose a much greater cyber threat than renegade hacker groups like Anonymous. Play
GE CEO: Bringing jobs back to the U.S. 
Jeff Immelt says the U.S. is a cost competitive market for advanced manufacturing and that GE is bringing jobs back from Mexico. Play
Hamster wheel and wedgie-powered transit 
Red Bull Creation challenges hackers and engineers to invent new modes of transportation. Play

Copyright 2009 Reuters All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.
Market indexes are shown in real time, except for the DJIA, which is delayed by two minutes. All times are ET. Disclaimer Morningstar: © 2014 Morningstar, Inc. All Rights Reserved. Disclaimer The Dow Jones IndexesSM are proprietary to and distributed by Dow Jones & Company, Inc. and have been licensed for use. All content of the Dow Jones IndexesSM © 2014 is proprietary to Dow Jones & Company, Inc. Chicago Mercantile Association. The market data is the property of Chicago Mercantile Exchange Inc. and its licensors. All rights reserved. FactSet Research Systems Inc. 2014. All rights reserved. Most stock quote data provided by BATS.