Phishing bait: Web site imitates Facebook sign-in page.
Example: [Collected via e-mail, April 2009]
There is a message going around on facebook about a website called fbstarter.com that is supposedly a password grabber.
Origins: The web site FBstarter.com was one of multiple similar domains (such fbaction.net) that were being promoted in April 2009 through “Look at this” messages spread via
Facebook was quickly made aware of the issue and took appropriate steps:
We’ve already blocked www.fbstarter.com from being shared on Facebook. We’ve also blocked access to the URL so if someone does find it on Facebook (on their wall, in their inbox, or in an email notification) it won’t send them to the destination. Finally, we’ll automatically reset the password on any account that sent the malicious link. Thus, the data becomes useless to the bad guys very quickly.
The FBstarter.com site has long since been disabled, but those who have logged into Facebook through it or any similar domains should change their passwords as quickly as possible (making sure to do so through the real Facebook.com site).
Last updated: 30 April 2009