Social network siteFacebookwas
attacked for the second day running by a worm that lured members to
visit a false Facebook page that stole their usernames and
passwords when they logged in.
Facebookers receive a message, purporting to come from a friend,
saying "check this out", with a link to the fake site. The site for
Thursday's attack was "FBStarter.com", while Wednesday's directed
users to "BAction.net." Both were killed within hours, Facebook
officials said.
Facebook kills attacks by deleting the rogue URL from members'
pages, blocking fresh postings, and deleting the redirect to the
URL that appears in e-mail messages, It also resets the passwords
of member accounts that had been used to distribute the spam.
Facebook uses
MarkMonitor, the brand
protection firm, which asks key internet service providers to take
down or block the phishing URL.
