Well, it really seems like a new site trying to steal people’s Facebook credentials shows up every day. The .at and .be domains were attacked last week and this week the target seems to be the .ru domain. Yesterday I got a message to visit vingers.ru, and today the attack is coming in the form of nanoraw.ru. The Facebook message is similar: “Hello” for the subject and “nanoraw(insert dot)ru”.
Here’s the list of sites that have been spotted as part of this scam so far:
Instead of making a new post every time a new scam site shows up, I’ll instead update this list as soon as I find a new one. So you can bookmark this post to keep safe.
I’ve also noticed that the sites only work the first time you access them, and return a 404 Not Found error in subsequent requests. I’m guessing this is some kind of attempt to hide from the victims.