Social network site Facebook was attacked for the second day running by a worm that lured members to visit a false Facebook page that stole their usernames and passwords when they logged in.
Facebookers receive a message, purporting to come from a friend, saying "check this out", with a link to the fake site. The site for Thursday's attack was "FBStarter.com", while Wednesday's directed users to "BAction.net." Both were killed within hours, Facebook officials said.
Facebook kills attacks by deleting the rogue URL from members' pages, blocking fresh postings, and deleting the redirect to the URL that appears in e-mail messages, It also resets the passwords of member accounts that had been used to distribute the spam.
Facebook uses MarkMonitor, the brand protection firm, which asks key internet service providers to take down or block the phishing URL.