At Facebook, we take your security very seriously and have dedicated teams across the company that focus specifically on protecting people's accounts and fighting cybercrime. Recently we have noticed an increase in scams where people's login information is collected through phishing sites and then their accounts are accessed without permission to ask friends for money. While the total number of people who have been impacted is small, we take any threat to security seriously and are redoubling our efforts to combat the scam.
In this attack, commonly known as a 419 scam, fraudulent individuals access Facebook accounts and pose as the account owner, claiming to be stranded in a foreign country without access to money. Once they've logged in, the scammers send Facebook Inbox and Chat messages and may even post status updates to the person's profile asking friends to send money, usually through Western Union, a money transfer service.
We've posted the full transcript of a real chat conversation between a Facebook user and a scammer to the Facebook Security Page, along with tips to avoid being scammed and instructions on how to report a compromised account. We've also worked with Western Union to help educate consumers about this scam. Western Union has posted a warning about the scam on their website, and they continue to educate their employees on this and other scams.
On the technical side, we have improved a number of our automated systems to better handle this unique class of scam and are taking efforts to ensure that we adapt our response to the scam as it changes. At the same time, our security team is working with law enforcement and collaborating with email providers and other industry experts to identify and catch the criminals responsible. Western Union also is working closely with law enforcement on scams such as this one.
While only a small number of people have experienced this type of scam on Facebook, we are committed to constantly improving our systems and implementing additional measures to better respond. We need your help too. Educate yourself on this scam and others by becoming a fan of the Facebook Security Page, and report any suspicious activity you see using the report links on the site and the contact forms in our Help Center.
Alok, a software engineer on the site integrity team, builds systems to protect you and fight crime.
- by Alok Menghrajani on Tuesday, September 29, 2009 at 12:47pm
- by Ryan McGeehan on Friday, May 1, 2009 at 6:06pm
This week, you may have heard about some new phishing websites that were created to look identical to authentic Facebook pages. Phishing is common across the Internet, but the security team at Facebook has been working to halt the spread of these latest malicious sites.
The fake sites, like the one below, use a similar URL to Facebook.com in an attempt to steal people's login information. The people behind these websites, known as "phishers," then use the information to access victims' accounts and send messages to their friends, further propagating the illegitimate sites. In some instances, the phishers make money by exploiting the personal information they've obtained.
When the latest phishing incident surfaced on Wednesday, we quickly blocked the fake links from being shared on Facebook to stop their spread. We've been removing these links from Walls and Inboxes across the site and resetting passwords for any of the compromised accounts we detect. This foils the bad guys, because the login information they collect will no longer work.
Working together
Since phishing is an Internet-wide issue, we also work closely with others in the online security industry to combat these threats. For example, when we find a new phishing site, we send the information to MarkMonitor, a company that adds these phony sites to blacklists. If you've ever visited a website and seen a red sign indicating that it was a "Web Forgery," you've probably seen their work. They also get the fake websites taken down by internet service providers (ISPs), which connect you to the Internet and host websites, and other companies that manage websites. This is what happened with one of the phishing sites involved in the most recent attack. Together, we've responded to over 1,400 phishing sites, including over 240 since the beginning of this year.
Detecting threats
In addition to working with others, we're always improving our own systems. We look at unusual activity on Facebook to detect threats to protect people on the site. For instance, when someone posts to their friends' Walls at a higher rate than usual, we flag the account as potentially compromised. Similar to online banking websites, we take a lot of precautions around your login. If we suspect that your account has been compromised, we ask for additional information to confirm your identity.
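The Wall-post example above can be sketched as a per-account rate check. This is an added illustration, not Facebook's system: the event format, the hourly window, the thresholds and the account names are all assumptions, and the sample events are constructed.

```python
from collections import Counter, defaultdict
from datetime import datetime
from statistics import median

def build_sample_events():
    """Constructed sample: (account, timestamp) for each post to a friend's Wall."""
    per_hour = {
        # alice: 1-2 posts an hour, then 30 in the final hour
        "alice": [(9, 1), (10, 2), (11, 1), (12, 2), (13, 1), (14, 2), (15, 30)],
        # bob: always busy (8-10 an hour), no change in the final hour
        "bob": [(9, 8), (10, 9), (11, 10), (12, 8), (13, 9), (14, 10), (15, 9)],
    }
    return [(acct, f"2009-05-01T{hour:02d}:{minute:02d}:00")
            for acct, hours in per_hour.items()
            for hour, n in hours for minute in range(n)]

def hourly_counts(events):
    """Count Wall posts per account per clock hour."""
    counts = defaultdict(Counter)
    for account, ts in events:
        hour = datetime.fromisoformat(ts).replace(minute=0, second=0)
        counts[account][hour] += 1
    return counts

def flag_accounts(events, min_history=4, k=5.0, floor=5):
    """Flag accounts whose latest hour is far above their own usual rate.

    Baseline is the median of the account's earlier hours and spread is the
    median absolute deviation, so one busy hour does not shift the baseline.
    Hours with no posts are not in the log and are ignored here.
    """
    flagged = {}
    for account, per_hour in hourly_counts(events).items():
        hours = sorted(per_hour)
        history = [per_hour[h] for h in hours[:-1]]
        latest = per_hour[hours[-1]]
        if len(history) < min_history:
            continue  # too little history to say what "usual" is
        base = median(history)
        mad = median([abs(c - base) for c in history]) or 1
        threshold = max(base + k * mad, floor)
        if latest > threshold:
            flagged[account] = (latest, threshold)
    return flagged

if __name__ == "__main__":
    print(flag_accounts(build_sample_events()))
```

Because the baseline is per account, a user who always posts a lot is not flagged, while a quiet account that suddenly posts to many Walls is.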
How you can help
To combat these threats, we need your help, too. Protect yourself by always following a few key rules of thumb when you're online:
- Use an up-to-date browser that features an anti-phishing blacklist. Some examples include Internet Explorer 8 or Firefox 3.0.10.
- Use unique logins and passwords for each of the websites you use.
- Check to see that you're logging in from a legitimate Facebook page with the facebook.com domain.
- Be cautious of any message, post or link you find on Facebook that looks suspicious or requires an additional login.
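The domain check in the list above can be done mechanically by parsing the URL and comparing only its host. This is an added example, not code from Facebook; the function names are hypothetical and the sample URLs are constructed, using the reserved .example suffix as a placeholder.

```python
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "facebook.com"  # the domain the advice above says to look for

def check_login_url(url, trusted=TRUSTED_DOMAIN):
    """Return (ok, reason); ok is True only if the host is `trusted` or a subdomain."""
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname  # lower-cased, userinfo and port removed
    except ValueError:
        return False, "unparseable URL"
    if parts.scheme not in ("http", "https") or not host:
        return False, "not a web URL with a host"
    host = host.rstrip(".")
    # Compare on a label boundary: the leading dot stops "badexample.test"
    # from passing as a subdomain of "example.test".
    if host == trusted or host.endswith("." + trusted):
        return True, "host is " + host
    if trusted in parts.netloc.lower():
        return False, "trusted name appears in the URL but the host is " + host
    return False, "host is " + host + ", not under " + trusted

# Constructed sample URLs; the .example hosts are placeholders, not real sites.
SAMPLE_URLS = [
    "http://www.facebook.com/login.php",
    "https://login.facebook.com/",
    "http://www.facebook.com.profile-login.example/login.php",  # name used as a prefix
    "http://www.facebook.com@phish.example/login.php",          # name in the userinfo part
    "http://faceb00k.example/login.php",                        # similar-looking name
]

def classify(urls):
    """Map each URL to True (host is under the trusted domain) or False."""
    return {u: check_login_url(u)[0] for u in urls}

if __name__ == "__main__":
    for u in SAMPLE_URLS:
        print(u, "->", check_login_url(u))
```

Searching the whole URL string for "facebook.com" would accept the third and fourth samples; comparing the parsed host rejects them.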
Ryan, an incident response manager on the security team at Facebook, is fishing for phishers.

