Beware of Facebook phishing

If you haven’t already heard or seen anything about it yet, the latest buzz is that a message is appearing in peoples Facebook profiles on their walls as a fake link that takes you to a site which is supposed to contain ‘naughty’ pictures.

lol i cant believe these pics got posted….its going to be BADDDD when her boyfriend sees these- http://www.facebook.com.profile.php.id.371233.cn

Whatever you do, DON’T go to that link which is not only fake, but if you sign in with your details, they’re most likely to be stolen by whoever it is that’s set up the scam.

One of the interesting things about it is that the link brings up 10 IP’s when doing a /dns in IRC:

::: dns: resolved (www.facebook.com.profile.php.id.371233.cn) to (123.2.88.67)
::: dns: resolved (www.facebook.com.profile.php.id.371233.cn) to (67.187.50.73)
::: dns: resolved (www.facebook.com.profile.php.id.371233.cn) to (75.40.34.217)
::: dns: resolved (www.facebook.com.profile.php.id.371233.cn) to (68.35.99.164)
::: dns: resolved (www.facebook.com.profile.php.id.371233.cn) to (89.137.104.116)
::: dns: resolved (www.facebook.com.profile.php.id.371233.cn) to (75.34.154.23)
::: dns: resolved (www.facebook.com.profile.php.id.371233.cn) to (68.32.237.248)
::: dns: resolved (www.facebook.com.profile.php.id.371233.cn) to (24.63.186.71)
::: dns: resolved (www.facebook.com.profile.php.id.371233.cn) to (72.225.29.44)
::: dns: resolved (www.facebook.com.profile.php.id.371233.cn) to (81.219.49.40)

Yet when doing a lookup on the internet, it brings up – 74.139.81.193 is from United States(US) in region North America.

A little tip when recognizing links, note that it’s…

facebook.com.profile.php.id
it should be
facebook.com/profile.php?id

…the difference being the / and ? in the URL instead of just dots. Anyway, just be careful of any links you go to and especially tinyurl links, tinyurl have realised that their service is abused for directing people to malicious links and have a section on their site called TinyURL Preview when, once activated, when you try to go to a TinyURL link, you will be redirected to the preview page and the real URL will be revealed as long as you have the cookie.