There is a new wave of phishing scams that targeted Facebook users for the past few days and probably you’ve heard of this. It started with the phishing sites that registered under .at (Austria) and later the .be (Belgium) domain names. For this purpose, I’ve compiled a list of these phishing sites, and whenever you came across it in your Facebook email messages, do not click on the URL links.

A common trick is that all of these phishing scams start from a Facebook message with an aim to trick Facebook users to click on the URL links. In order to lure users to click on these links, all the subject line of the emails is either “Look at This”, “Hello” or “Check” following by one of the .at or .be domain names listed below.

This wave of phishing scams garnered much attention in Facebook since there are users who fail for the scam, lost their Facebook login details as well as the new cycle continues as the cybercriminals started using their accounts to send emails to their friends.

Picture: Phishing site; noticed that there is no Facebook logo in the header of the site

WARNING: DO NOT click links to the following sites:

Areps.at
Bests.at
Brunga.at
Kirgo.at
Nutpick.at

Atomclub.be
Bestspace.be
Bitclan.be
Databus.be
Dynasale.be
Goldbase.be
Greenbuddy.be
Indigoline.be
Linkteria.be
Mymarket.be
Orangefan.be
Picoband.be
Pinkamigo.be
Redbuddy.be
Redfriend.be
Silvertag.be
Sweeter.be
Vispace.be
Whiteflash.be
Whitemart.be

Nevertheless, the good news is that Facebook has taken action and blocked all of the outgoing links to the aforementioned phishing sites, while Firefox browser has also blocked its users from accessing to the above sites as well.

According to the news across the Web, Facebook has blocked two bogus Facebook sites, that are fbaction.net and fbstarter.com. These two sites used the same trick by sending the phishing emails to some Facebook users that attempts to convince them to type in their Facebook username and password onto these bogus sites.

As at this moment, some browsers are taking action towards blocking these two sites. With Firefox browser has pinpointed these two sites as Web forgery (as shown in below pictures) while Safari browser has neither show the Web sites on its browser.

Picture 1: fbaction.net on Firefox

Picture 2: fbstarter.com on Firefox

Picture 3: fbaction.net blocked by Facebook; with this outgoing link being blocked, i.e. www.facebook.com/l/4253f;http://fbaction.net/

Picture 4: fbstarter.com blocked by Facebook; with this outgoing link being blocked as well, i.e. www.facebook.com/l/4253f;http://fbstarter.com/

Ironically, the most popular browser on the Web, i.e. Internet Explorer still continue to allow one of the bogus sites being accessed as at my time of writing, as shown in the below picture.

As always, my advice to this type of the spoofed Facebook email messages, malicious links or bogus Facebook Web site is to look carefully on the actual URL shown on your browser. Type the www.facebook.com to access to your Facebook account whenever you want to login to your Facebook.