WARNING: Check URLs Before Entering Login Information; Facebook Is Not Faceboourk

By David Cohen 

As scams, malware, phishing, and other security dangers continue to thrive on Facebook, one way for users to protect themselves is actually quite simple: Examine the URLs of the pages you are taken to. After all, the name of the social network is “Facebook,” not “Faceboourk.”

Software architect Troy Hunt detailed a scam in a post on his blog, which works in a similar fashion to several other scams that have been reported in the past, but the URLs containing Faceboourk were an early indicator that something was amiss.

According to Hunt, the scam starts with a shortened URL allegedly leading to a video, and users who click on the URL are directed to a page that mirrors Facebook’s login page, save for the misspelling in the URL.

The scammers behind Faceboourk are after more than just login information, however, as subsequent screens ask users for their mobile phone numbers and their credit-card information, before finally directing them to the authentic Facebook site, Hunt reported, adding:

Whilst you legitimately logged into Facebook on those last two screens, every single one before then was hosted by scammers with the express purpose of siphoning off not only your Facebook credentials, but personal and financial data, as well. There’s nothing really unusual about a scam of this type, but this one is particularly well-constructed. No grammatical errors, no prevalence of uppercase “shouting” or excessive exclamation marks — in fact none of the tell-tale phishing signs I’ve written about in the past.

Then there’s the URL: http://www.faceboourk.com. Clearly, on closer inspection, this isn’t legit, but it’s close to legit, and often that’s all you need, particularly when there are no other phishing cues on the site. There are 588 characters in the entire URL behind that first bit.ly link, and only two of them give the game away.

So as a consumer, what can be done? Well the obvious thing is to carefully read the domain in the browser address bar, and if it’s not facebook.com or a subdomain such as secure.facebook.com, avoid it. Then of course the real Facebook uses SSL on the logon page, so you should be able to verify the authenticity of the site by clicking on the padlock in the address bar (the position will vary depending on the browser).

Simply put, these scams provide a great return on investment for online criminals, and we readily make it worth their while.

Readers: Have you ever been the victim of a scam, malware, or a phishing attack delivered via Facebook?