User:Helpingoutmyfriend/test

A new phishing scam is hitting Facebook users on Thursday that, like others in recent weeks, sends them to a Web site which steals their log-in information and downloads malware.

The attack started with messages circulating between friends on Facebook with a subject line of "Hello" and a prompt to check out "areps.at" or other URLs ending in ".at".

The URLS, before being blocked, took the visitor to a fake Facebook page. If you logged in to the site, it steals your e-mail and password, logs you into Facebook, automatically changes your password, and sends the same message to all your Facebook friends, according to the All Facebook blog.

The malicious Web sites also spread the Koobface virus and install the Trojan.BHO, according to a CNET News test.

The URLs were blocked by Firefox and flagged as a "Web Forgery" as of 9:50 a.m. PDT. At least one of them was still up and downloading malware on Internet Explorer at that time.

"Whoever is behind the scam has been steadily amassing a large number of e-mail addresses and passwords over the past few weeks," the blog says. "Some days as much as three scams will spread throughout the site (possibly even more). Facebook rapidly shuts down all references to the site but by then the scam has spread to thousands of users."

A Facebook spokesman did not immediately return calls and e-mails seeking comment.

Separately, some Facebook users reported difficulty accessing the site on Thursday morning. It was unclear whether the connectivity issues were related to the phishing scam.