List of Facebook Phishing Scam Sites

27 May

Internet

facebook-scam

Well, it really seems like a new site trying to steal people’s Facebook credentials shows up every day. The .at and .be domains were attacked last week and this week the target seems to be the .ru domain. Yesterday I got a message to visit vingers.ru, and today the attack is coming in the form of nanoraw.ru. The Facebook message is similar: “Hello” for the subject and “nanoraw(insert dot)ru”.

Here’s the list of sites that have been spotted as part of this scam so far:

  • afoi.ru
  • areps.at
  • bests.at
  • bestspace.be
  • brunga.at
  • goldbase.be
  • greenbuddy.be
  • indigoline.be
  • kirgo.at
  • mymarket.be
  • nanoraw.ru
  • nutpic.at
  • picoband.be
  • ponbon.im
  • redbuddy.be
  • redfriend.be
  • silvertag.be
  • simplemart.be
  • sweeter.be
  • vingers.ru
  • whiteflash.be
  • whitemart.be
  • yospace.be

Instead of making a new post every time a new scam site shows up, I’ll instead update this list as soon as I find a new one. So you can bookmark this post to keep safe.

I’ve also noticed that the sites only work the first time you access them, and return a 404 Not Found error in subsequent requests. I’m guessing this is some kind of attempt to hide from the victims.

6 Responses to “List of Facebook Phishing Scam Sites”

  1. colin May 27, 2009 at 1:18 PM #

    yeah, i keep getting these but i dont ever log in?, what happens if you do login?

    • Farinha May 27, 2009 at 1:23 PM #

      If you do login they get your Facebook username and password and use it to log-in and send similar messages to your friends.

      After that a lot of things can happen. They could try to pull something like this:
      http://www.consumerwarningnetwork.com/2009/02/05/facebook-id-theft-new-phishing-scam/

      They can also use those same credentials to log-in to your email account, because a lot of people use the same credentials in both places. And maybe also online banking services and the like.

      It’s the modern identity theft.

  2. Jay May 27, 2009 at 1:34 PM #

    This nanoraw(insert dot)ru isn’t recognized yet. Seems that the scammers pulled a fresh one. Anyway, your site is the only one that mentions this website, good job!

  3. Tony Wittebolle July 19, 2010 at 3:11 PM #

    Hi,

    Thank you for making such a list!
    I might found a new one though. A couple of weeks now a lot of my friends and 10.000+ other people have received an invite to an event called “TONEZ”. This “service” claims to give away free ringtones for your phone, but when you get to the actual page, it costs €14 a week…

    There is a link on the FB Event Page and some info about it.
    It’s one of those new google links that shorten the url’s:
    “http://”
    “goo.gl/”
    “sFAR”
    I’ve fragmented it in the hope that your site won’t get aimed at…

    I guess it’s not a real scam, but rather a dubious technique or something like that, I admit that I know not that much about these things…
    I and a couple of my friend have already reported it once(last month) to FB, but the page only moves to a new one, so I guess the more people know about it, the less will actually go and try to use it.

    Keep up the good work!

Trackbacks and Pingbacks

  1. Whiteflash.be - Today’s Facebook Phishing Scam | Flour Power - May 29, 2009

    [...] List of Facebook Phishing Scam Sites | Flour Power 27 05 09 [...]
  2. Vingers.ru - Another Facebook Phishing Scam | Flour Power - May 29, 2009

    [...] http://antoniofarinha.com/blog/2009/05/27/list-of-facebook-phishing-scam-sites/ [...]