Web site imitates Facebook sign-in page.
Example: [Collected via e-mail, April 2009]
There is a message going around on facebook about a website called fbstarter.com that is supposedly a password grabber.
The web site FBstarter.com was one of multiple similar domains (such fbaction.net) that were being promoted in April 2009 through "Look at this" messages spread via e-mail,
text messaging, and web site postings. Users who clicked through on links to those domains were taken to what appeared to be the sign-in page for the Facebook social networking site. However, the domains had no connection to the real Facebook business entity (FBstarter.com, for example, was registered in Moscow), and anyone who logged in through such a domain risked having his password compromised and his Facebook account used to generate fraudulent messages to others in his name.
Facebook was quickly made aware of the issue and took appropriate steps:
We've already blocked www.fbstarter.com from being shared on Facebook. We've also blocked access to the URL so if someone does find it on Facebook (on their wall, in their inbox, or in an email notification) it won't send them to the destination. Finally, we'll automatically reset the password on any account that sent the malicious link. Thus, the data becomes useless to the bad guys very quickly.
The FBstarter.com site has long since been disabled, but those who have logged into Facebook through it or any similar domains should change their passwords as quickly as possible (making sure to do so through the real Facebook.com site).
30 April 2009