Whiteflash.be – Today’s Facebook Phishing Scam

24 May

Facebook phishing scam

UPDATE: Check this list of scam sites that I compiled and will be updating when some more sites show up.

I wasn’t affected by last week’s areps.at Facebook phishing scam, but it seems like another one is underway right now. I’ve been getting some messages on my Facebook account with the subject “Look at this” and “wwww whiteflash be” as the message body. The site whiteflash.be looks like a Facebook log-in page, and is designed to steal your credentials and use them to send similar messages to all your friends.

Mashable mentions some other sites that are also part of the attack:

goldbase.be
greenbuddy.be
silvertag.be
picoband.be

So, if you receive such a message, DO NOT go to those sites.

UPDATE: You can add simplemart.be to the list of culprits; I just received one message pointing me to it, with the subject line “Hello” and the text “Check simplemart D0T be, , 575222”. The weird thing here is that when I actually went to Facebook to check it (I saw it as an email notification), it said I had deleted the message, which I didn’t. Maybe the Facebook staff is now onto it.
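The message bodies quoted above write the domain without dots (“wwww whiteflash be”, “simplemart D0T be”), so a filter that only looks for well-formed links misses them. The following is an added example, not part of the original post, of normalizing message text and matching it against the domains named here; the function name `find_blocklisted` and the `DOT_WORDS` set are assumptions made for illustration.

```python
import re

# Domains named in this post (the Mashable list plus the two the author saw).
BLOCKLIST = {
    "whiteflash.be", "goldbase.be", "greenbuddy.be",
    "silvertag.be", "picoband.be", "simplemart.be",
}

# Assumption: spelled-out stand-ins for "." that senders use to dodge link filters.
DOT_WORDS = {"dot", "d0t"}


def find_blocklisted(message, blocklist=BLOCKLIST):
    """Return the blocklisted domains a message refers to, dotted or not."""
    # Split on everything that is not a hostname character, so "a.b", "a b"
    # and "a, b" all yield the same label sequence; then drop the dot words.
    tokens = [t for t in re.findall(r"[a-z0-9-]+", message.lower())
              if t not in DOT_WORDS]
    hits = []
    for domain in sorted(blocklist):
        labels = domain.split(".")
        n = len(labels)
        # The domain's labels must appear as consecutive tokens.
        if any(tokens[i:i + n] == labels for i in range(len(tokens) - n + 1)):
            hits.append(domain)
    return hits


# The first two bodies are quoted in the post; the other two are constructed.
SAMPLES = [
    "wwww whiteflash be",
    "Check simplemart D0T be, , 575222",
    "see http://www.goldbase.be/login.php",
    "Are you coming to the party on Saturday?",
]

if __name__ == "__main__":
    for body in SAMPLES:
        print(f"{body!r:45} -> {find_blocklisted(body) or 'clean'}")
```

Because the match is on label sequences, ordinary prose such as “silvertag be” followed by other words would also be flagged, so this suits a hold-for-review queue better than silent deletion.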

29 Responses to “Whiteflash.be – Today’s Facebook Phishing Scam”

  1. Shay May 24, 2009 at 8:14 PM #

    Hey,

    Thanks for this – I just got one too.

    Deleted it straight away…..

  2. Stylion May 24, 2009 at 8:44 PM #

    Yep, thanks! Got two today too. Looked like something unusual, and you just confirmed it! :) Thanks again! :)

  3. Matti May 24, 2009 at 8:53 PM #

    Got one too – just today.

    “wwww whiteflash be”

    … was the message body.

  4. Bob May 24, 2009 at 10:02 PM #

    I’m really freaked out. I just got a message with that on it! Thank you So much for writing about it!!!!!

  5. babak May 24, 2009 at 10:11 PM #

    thanks bro 4 ur kindly information…

  6. Simon F May 24, 2009 at 10:31 PM #

    Hello.

    I had just received this message, and was stupid enough to follow the link.

    What could happen, and do you have any advice on what to do?

    • Farinha May 24, 2009 at 10:46 PM #

      The advice on Mashable’s post will probably help (http://mashable.com/2009/05/24/goldbasebe-facebook/):

      1. As a precaution, go to your browser settings and clear your cookies.

      2. Change your Facebook password

      3. Make sure your antivirus software is up to date and run a full system scan

  7. Karen May 24, 2009 at 10:59 PM #

    Hey, I received one also and I was suspicious and decided to look in the internet what this was and I found your post! Thanks very much!

  8. awesomeness May 24, 2009 at 11:02 PM #

    I opened the email… what does that mean?

    • Farinha May 24, 2009 at 11:09 PM #

      Just opening the email/message is not harmful at all. Even going to the scam site is probably harmless (considering you’re using a decent browser). The problem starts only when you log-in with your Facebook credentials.

  9. zzzz May 24, 2009 at 11:45 PM #

    Facebook credentials???? u mean the id and password????/
    i did enter the password
    Then realized n changed my pwd immediately
    what do u think wud happen now????

    • Farinha May 24, 2009 at 11:51 PM #

      The problem is that no one knows exactly what those phishing sites are collecting. They might try to use that same email address and password to access other services online, so I would say the best thing to do is to stop using that password and change it on every site where you’re using it.

  10. behrad May 25, 2009 at 5:01 AM #

    thank you for good information it was really useful I have received such message too.

  11. Paul May 25, 2009 at 5:25 AM #

    Nice one! Thought it was odd and avoided going to the site full stop! This is a great blog and very useful. Thanks for the effort in keeping people informed and safe from this type of scam!

  12. Roberto May 25, 2009 at 5:58 AM #

    Shoot! I got suckered into this one and actually visited the whiteflash site … do I just wait now for the grim reaper or is there anything I can do? advice appreciated

    • Farinha May 25, 2009 at 7:35 AM #

      If you haven’t logged in to that site there’s nothing to worry about. If you did, there are a few things you can do to minimize the damage. Please read the previous comments to know what you can do.

  13. Lace May 25, 2009 at 10:02 AM #

    hey,… i got this message on my facebook… i didnt click on the whiteflash link but i copied and pasted it to google and found this.. does that count as accepting the virus or whatever it is????

    im so crap at computers lol

    • Farinha May 25, 2009 at 10:04 AM #

      Don’t worry. No harm in opening the message.
      And it’s a good sign you came here first. That means you probably ended up not going to the malicious website, so there’s nothing to worry about :)

  14. Ivy May 25, 2009 at 10:28 AM #

    U jus Saved my day!!!!the site wasn’t opening up ..so I googled and found your post…God bless you…;)x

    • Nazgol May 25, 2009 at 11:13 AM #

      hi,
      the same as Ivy:), I have found this page while insisting to open that site ;)
      thank you very much:)

  15. Lillie May 25, 2009 at 11:04 AM #

    Thanks for the information, had one today, will delete it straight away.
    Take care, Thanks again.

  16. Rob May 25, 2009 at 2:38 PM #

    Cheers for that.

    I get notification of messages sent through to my e-mail address from Facebook so always just click on link in the e-mail to take me through to facebook, log in, see message.

    Done that with this message. Is it the notification link that’s dodgy (i.e. not taking me from my e-mail to facebook) or is it actually clicking on the link once I get into Facebook that’ll do me?

    Cheers anyway.

  17. Bemnet Menna May 25, 2009 at 4:18 PM #

    Thanks bro

  18. name May 25, 2009 at 5:07 PM #

    Thanks for the info, this was helpful indeed!

  19. Stroomf May 25, 2009 at 5:45 PM #

    Damn sneaky – what a crap thing to do!
    I got the link sent to me by my cousin last night, and as I don’t speak to her often I thought her mail was a bit brief.
    Luckily just after I typed in my username I started wondering why a site that has nothing to do with Facebook would need my account details.
    First time I have been exposed to this kind of bulldust – what has the world come to, seriously?

    And as for what people can do with your account details, cos I didn’t think it could do much harm :

    http://www.consumerwarningnetwork.com/2009/02/05/facebook-id-theft-new-phishing-scam/

  20. flame May 26, 2009 at 2:16 AM #

    I received this link too and unfortunately clicked on it but then i realised that this might actually be one of the phishing scams I read about and quickly clicked on the back button of my internet browser a few times. I then reached my initial facebook log in page.
    Problem is I do not know for sure if this was my initial log in page or the one that pops up after clicking on the link as you mentioned. I am hoping for the best that this was my initial log in page. (as i did click on the back button of my internet browser). I then entered my credentials on this page after some time and logged into facebook again.
    I just changed my password after googling and reading your site (which is roughly 12 hrs after clicking on the link). i am hoping all is ok now…does anyone know if i am safe? or do i need to get rid of my facebook account now?

Trackbacks and Pingbacks

  1. Vingers.ru - Another Facebook Phishing Scam | Flour Power - May 26, 2009

    [...] showing up disguised in a new country domain. First it was the .at domain, a couple of days ago the .be domain and now it seems .ru is being [...]

  2. List of Facebook Phishing Scam Sites | Flour Power - May 27, 2009

    [...] Whiteflash.be – Today’s Facebook Phishing Scam [...]

  3. The Google/Facebook Effect - Or How I Got to #1 in Google And Had 6500 Visits in 1 Hour | Flour Power - May 29, 2009

    [...] Whiteflash.be – Today’s Facebook Phishing Scam [...]