A very convincing scam that spoofs Facebook verification pages is being used to steal users’ personal details and credit-card information before taking user to the real Facebook, leaving many victims none the wiser that they’ve just given their sensitive details to criminals.

After the visitor logs into his Facebook account, the phony site asks victims to update their Facebook account security and provide additional information — a security question, a mobile-phone number and full credit-card details, right down to the expiration data and card security code. There’s even an “overall protection” graph that mimics password-entry forms.

Unless they pay close attention to the address bar, the nearly perfect spoof page is likely to make users feel perfectly safe. Although the page looks exactly like Facebook, it’s actually faceboourk.com.

Source: Mashable