Another phishing site is making the rounds on Facebook today, and this time it’s “areps.at” (not linked). However, as with other phishing attacks on Facebook, the company started blocking all links to the site once its security systems detected its spread this morning.
Facebook doesn’t reveal how many people scams like these affect, but it has said in the past that similar phishing attacks have reached “less than 1%” of users. 1% of 200 million is still a significant number of accounts, but it’s likely that Facebook discovered the site before it reached that many.
These kinds of phishing attacks are now popping up regularly, and Facebook’s security team continues to develop early detection systems to fight them off. However, attacks like these do illustrate one type of social networking security challenge that’s likely to persist – click-through rates on messages from friends are always going to be high, even if the contents of the message are somewhat out of the ordinary.
Facebook’s security team has been working with Microsoft in recent months to detect and fight off variants of the Koobface worm. For more information, check out our previous coverage: