Yet another phishing attack hit Facebook users on Thursday – the second of its kind during a span of one week!

In their attempt to obtain users’ passwords to the social networking site, the hackers sent an e-mail with “Hello” in the subject line, followed by a message asking the users to click on a Web link that said "areps.at" or "brunga.at." 

The mentioned link guided the unsuspecting users to a bogus Facebook log-in page, asking for their passwords. And, as always, the passwords are the hackers’ key to users’ Facebook accounts, which not only include their personal
information, but also contain links to information about family, friends and business acquaintances.

Since the latest phishing attack appears to be more of an “information-collection” attempt rather than a malware-distributing one, AppRiver’s senior security analyst, Fred Touchette, said that the attackers generally direct users back to the
official Facebook page once they’ve stolen the log-in credentials of the users.

Touchette also said that unlike other phishing attcks, this one is easier to spot too. He said: “This one is quite simple to avoid. Obviously there is no mention of Facebook within this address, and therefore provides a clue as to its malicious
intent.”

Facebook spokesman Barry Schnitt said that the scam is “not widespread and only impacted a tiny fraction of a percent of users.”