Facebook has created an email address for people to report scams that take their information for the use of online thieves.
Phising is the theft of information. Phising emails tend to mimic real sites, but ask for usernames, passwords or financial information through their own links. People have been scammed out of thousands of dollars because of the misleading messages, which are usually vague and made to seem urgent.
Phishers rarely keep their sites up for more than a few days, switching URLs to avoid blacklists and takedowns, according to the Cable News Network.
CNN also reported that the social media company is actually trailing behind other sites when it comes to working on a phishing solution. Google has a phishing form users can fill out to report malicious websites. Ebay encourages customers to email spoof(at)ebay.com when they suspect a phishing attack. Twitter controls an @spam handle for reporting accounts that are set up for phishing.
“By providing Facebook with reports, we can investigate and request for browser blacklisting and site takedowns where appropriate,” Facebook wrote in a blog post today. “We will then work with our eCrime team to ensure we hold bad actors accountable. Additionally, in some cases, we’ll be able to identify victims, and secure their accounts.”
Facebook outlined these tips partnered with the Anti-Phishing Working Group, a global consortium of technology companies and law enforcement agencies to help users be aware of phishers:
- Be suspicious of any email with urgent requests for login or financial information, and remember, unless the email is digitally signed, you can’t be sure it wasn’t forged or ‘spoofed.’
- Don’t use the links in an email, instant message, or chat to get to any web page if you suspect the message might not be authentic or you don’t trust the sender, instead navigate to the website directly.
The address is phish(at)fb.com. Even those who aren’t on Facebook can use it to report malicious emails that pretend to come from Facebook, according to the Associated Press.
Facebook has been making an effort to address security issues with users directly for a few months now. The social network announced in June it would be contacting users believed to have computers infected with the DNSChanger virus to help them figure out how to rid their networks of the malicious malware, according to CNET.
“We have a pretty robust team here to deal with bad actors,” says Mark Hammel, a Facebook engineer and malware researcher told CNN. “This will give us extra visibility into people’s e-mail inboxes, where there wasn’t a good feedback mechanism in place.”
As of February, the Anti-Phishing Working Group was tracking 56,859 unique phishing sites. The single largest method for malicious attacks on PCs is through phishing schemes, according to the latest Security Intelligence Report from Microsoft, according to CNN.
The news source also reported that nearly half of clicked-on phishing attempts targeted social networks such as Facebook, according to Microsoft’s report.