Facebook Adds Security in Wake of FBaction.net Attacks

source : www.dailytech.com

Facebook says it will pursue legal action against attacker

The use of social networking websites is skyrocketing. At first, social networking was mostly the realm of college students and teens looking to stay connected with friends. Social networks like Facebook have now been adopted as tools for business and users of all ages access the site.

Recently, the Pentagon even started to make use of social networking sites like Twitter and Facebook to help attract recruits for military service. With the skyrocketing success of Facebook, it's no surprise that success has led to undesirable elements being attracted to the website as well.

Last week Facebook was besieged by phishing attacks from a website called FBaction.net. The nefarious attack delivered messages to a Facebook friends list telling the users to check out a link. The link led to a fake Facebook page where users were tricked into entering their Facebook username and password.

Facebook says that is has now taken steps to stop the phishing attacks and to prevent users from accessing the FBaction.net website. Facebook says that it has given the site URL to MarkMonitor, a service that Facebook uses for security and around the clock monitoring and prevention of attacks on its network.

Facebook threat analyst Ryan McGeehan said, "Our deep commitment to the safety of our users requires a strong proactive security strategy, best-of-breed technology, and active engagement with industry leaders. MarkMonitor demonstrated that it understood the complexity of the phishing issue we were facing, so it was a natural next step for us to bolster our own security systems with their anti-malware solution."

Facebook says that it intends to pursue legal action against the owners of FBaction.net and that Facebook employees are resetting the passwords of users that were affected by the phishing attacks.

MarkMonitor CMO Frederick Felman said, "The meteoric success of Facebook makes it a natural target for malware attacks that seek to capitalize on their trusted and recognizable brand. Our experience protecting Fortune 500 companies, as well as our close day-to-day interaction with Facebook's own dedicated security team, allows us to expertly address Facebook's concerns about malware and phishing, and to help protect their platform and their users from ongoing attacks."