15 May, 2009

Don’t Click on Facebook Links Ponbon.im [FaceBook users be aware of ponbon.im, 121.im, 151.im phishing attacks]

Keyword: ponbon, ponbon.im facebook, check ponbon.im, .im, ponbon im, Facebook virus

Are you at work right now but secretly are logged into facebook.com? I mean, you minimized your Window of course, to make sure that the boss doesn’t see you.

Well, usually you go on there to check out with your friends or ex-boyfriends are up to, perhaps change your facebook status or just browse through new pictures, but be extra careful today as there is a Facebook scam where links to a site called ponbon.im,” are being sent to users.

"Don’t Click on Facebook Links Ponbon.im"


No, don't click any links to ponbon.im. This is a virus. More to the point ponbon.im is a worm, one that when you click on it will offer you a page where the phishers will attempt to steal your login and password. You really don't want that so you really don't want to clik on a ponbon.im link.
It’s called ponbon.im (and in some cases, another URL ending in .im). It has the potential to compromise your account. Following a link to that site could be big trouble if you don’t have updated antivirus software or you’re not using a secure browser. It’s also recommended that you download the latest updates for your operating system.
Worse than your computer getting infected, you may lose some of your Facebook friends when it uses you as a host to infect their their accounts as well.

Yup, it will indeed make you very unpopular, clicking on a pombon.im link:

As we've told you many times before, we're telling you again - do not click on suspicious links inside your Facebook messages and emails.



Facebook has confirmed that the site has fallen victim to another phishing attack following this mornings complaints from users that said they noticed a suspicious link that popped up on the site. If you receive an email like check ponbon.im, check 121.im or check 151.im, just delete the email and DO NOT click the link, because it may compromise your account too, give you viruses and may even delete some of your friends.

If you happened to have already visited one of those pages and don’t use a secure browser, along with an updated antivirus software, you risk to get infected and the virus will use your account to infect others. Be sure to update your operating system to the latest version and install the latest security updates.

Facebook later released this statement:

"This is a phishing attack. We’re well aware of it and are already blocking links to these new phishing sites from being shared on Facebook. We’re also cleaning up phony messages and Wall posts and resetting the passwords of affected users. We think this is related to the fbaction.net/fbstarter.com campaign of a couple weeks ago. You can read more about how we respond to phishing in our recent blog post here: http://blog.facebook.com/blog.php?post=81474932130 ."

This has not been the first time the site has been under attack - earlier in March, there was the "Koobface" worm - and it seems it won’t be the last.


The advice to avoid having your account compromised remains the same: make sure you run an up-to-date virus scanner, keep your OS updated, make sure you’re running the latest version of your web browser and do not enter your social networking passwords on third party sites.

If you’re concerned you might be affected by this or other scams, run a full virus scan on your system, clear the cookies in your browser (used by XSS attacks) and change your password for the compromised account.

0 Comment: