Don’t click on any links with the domain fbaction.net in them.
A phishing scam hit Facebook earlier today. Someone was sending out email messages that looked like official Facebook messages, asking them to click on a link that led to a domain — fbaction.net. There, on a fake site that looked like Facebook, people were asked to log into their Facebook accounts.
Fast action on Facebook’s part: The domain is already blocked on our ISP and the offending link won’t work on Facebook.
From a Facebook rep:
We are aware of this phishing domain and have already begun to take action. Specifically, we have passed the domain on to Markmonitor who pushes the domain to the browsers for blacklisting. They will also actively try to disable the site at the server/domain level for people who don’t have updated browsers. Our user operations team has blocked the domain from being shared on Facebook and is removing the content retroactively from any messages. They will also be resetting passwords of senders to remove access from an attacker. We’re also reaching out to the ISPs to get information and will attempt to build a civil and/or criminal case against the owners.
We don’t see too many phishing schemes for Facebook — mostly because scammers are more interested in your credentials on other sites where it’s easier to retrieve money. But as a popular service, Facebook will always have to deal with scams on a daily basis. Nice work on the company’s part to knock this out fast.