New Protections for Phishing

Posted: 11/08/2012 in Uncategorized

Today, Facebook is proud to announce the launch of phish@fb.com, an email address available to the public to report phishing attempts against Facebook. Phishing is any attempt to acquire personal information, such as username, password, or financial information via impersonation or spoofing.

By providing Facebook with reports, we can investigate and request for browser blacklisting and site takedowns where appropriate. We will then work with our eCrime team to ensure we hold bad actors accountable. Additionally, in some cases, we’ll be able to identify victims, and secure their accounts.

You might ask yourself how to spot suspected phishing emails. Our partners at the Anti-Phishing Working Group have put together some helpful tips to avoid being deceived by these messages:

  1. Be suspicious of any email with urgent requests for login or financial information, and remember, unless the email is digitally signed, you can’t be sure it wasn’t forged or ‘spoofed’
  2. Don’t use the links in an email, instant message, or chat to get to any web page if you suspect the message might not be authentic or you don’t trust the sender, instead navigate to the website directly

This new reporting channel will compliment internal systems we have in place to detect phishing sites attempting to steal Facebook user login information.  The internal systems notify our team, so we can gather information on the attack, take the phishing sites offline, and notify users.  Affected users will be prompted to change their password and provided education to better protect themselves in the future.

While rare, we hope that you forward us any phishing attempts you encounter. Together we can help keep these sites off the web and hold the bad guys responsible. As a reminder, you can visitwww.facebook.com/hacked if you think your account may be compromised.

You can find out more about phishing in our Help Center. You can also forward phishing emails to any of the following: APWG (reportphishing@antiphishing.org), the FTC (spam@uce.gov), and the Internet Crime Compliant Center (www.ic3.gov).

https://www.facebook.com/notes/facebook-security/new-protections-for-phishing/10150960472905766

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s