

Ask HN: Has anyone else seen this Facebook phishing attack? - lexy0202

Take a look at this: http://www.facstatim.com/login/clien.php<p>I've been getting a strange notification from some of my friends on Facebook recently. It says "x has invited you to try 'update facebook security'". If you click that notification it takes you to a blank Facebook app which immediately redirects to the link  in this post.<p>It is clearly a clone of the facebook session timeout page and is designed (as far as I can tell) to harvest users/passwords and spread itself. After you enter a user/password (even fake credentials), it redirects you to another page to take your credit card.<p>My friend actually fell for the first part of this and some of his friends have now been sent the notification.<p>I'm not sure about how to report this sort of thing to Facebook but this particular attack appears to be very convincing since it's not at all obvious (to most people) that the target site isn't facebook.<p>I've had a look at the root of this particular domain and it appears to be completely harmless. Strangely enough, when my friend got the link, his was on a completely different site, so it looks like someone has gained access to multiple sites to deploy a version of this scam.<p>If anyone knows anything else about this I would be very interested to know more.
======
lexy0202
Clickable: <http://www.facstatim.com/login/clien.php>

