Facebook users were hit on Wednesday with a phishing attack that tried to steal names and passwords from users of the popular social network.
In the attack, people are sent phoney emails, appearing to come from Facebook, that try to send them to a malicious website, Fbaction.net, which looks like a Facebook log-in page. The Fbaction.net was offline on Thursday morning.
"Our user operations team has blocked the domain from being shared on Facebook and is removing the content retroactively from any messages," said Facebook. "They will also be resetting passwords of senders to remove access from an attacker. We're also reaching out to the ISPs to get information and will attempt to build a civil and/or criminal case against the owners."
Victims of the attack were being sent a message with the Subject line 'Hello', that appeared to come from a friend, according to TechCrunch, which first reported the attack. The message simply invited the victim to 'Visit http://www.facebook.com/l/4253f;http://fbaction.net/'
That URL redirected the victim to the Fbaction.net website.
Victims of the phishing attack are given several warnings. The first comes when they click on the link in the original message and are redirected away from Facebook's website. Another warning pops up after users enter their name and password on the phishing site and are redirected back to Facebook. This second warning advises victims to change their password.
The Fbaction.net website does not attack the victim's computer, but only tries to collect log-in information.
Criminals like to have this kind of information because computer users often have the same usernames and passwords on several Web sites. Hacked Facebook accounts are also useful for launching future attacks, security experts say.