Phishers offer false security in exchange for your Facebook password

It is possible that the recent launch of Facebook’s Safety page gave phishers the idea of launching one of their own, since Symantec recently detected a phishing website posing as a “Security and Privacy Update” page:

But, while the legitimate one offers to keep you abreast of security issues plaguing the social network, the fake one tries to convince you that you only have to enter your email and password in order to be protected from spam, hackers and other “who want to ruin your facebook”.

Setting aside the fact that the phishing page is full of spelling errors, awkward sentences, and simply looks fake even at first glance, if you check the URL of the page (hxxp://security-center-update2010.******.com/logs.index2010.htm – domain name removed) before entering the sensitive data requested, you will notice that the page is not hosted on Facebook and tries to masquerade itself as a website related to a security update.