Users who saw "Hello" in an e-mail subject line Thursday and clicked on a Web link that said "areps.at" or "brunga.at" were taken to a fake Facebook log-in page, where they were asked for their passwords.
Those behind the attack are looking to use the passwords to gain access to users' Facebook accounts, which include personal information as well as links to information about family, friends and business associates.
They're also hoping that those passwords are the same for users' other accounts, including bank accounts, which could "have more financial viability" for thieves, said Laura Mather, managing director of operational policy for the Anti-Phishing Working Group. The group is made up of law enforcement, business and computer security professionals.
The latest Facebook phishing scam is "not widespread and only impacted a tiny fraction of a percent of users," said Facebook spokesman Barry Schnitt. "We've been updating our monitoring systems with information gleaned from the previous attacks so that each new attack is detected more quickly."
Some Facebook users said they knew of several other users who also received the suspicious e-mails.
"We have already blocked links to these new phishing sites from being shared on Facebook, have had them added to the 'block' list of the major (Web) browsers and have begun working with partners to have the sites taken down completely," Schnitt said. "We're also cleaning up phony messages and 'Wall' posts and resetting the passwords of affected users."
Facebook and other social networking sites, including MySpace and Twitter, have had problems previously with phishing. But Facebook, the largest of such sites, with more than 200 million users, seems to have been more of a target for the phishing attempts in recent weeks.
Earlier this month, the company said on its security blog that in conjunction with enterprise security firm MarkMonitor, "we've responded to over 1,400 phishing sites, including over 240 since the beginning of this year."
Last week, some Facebook users found similar phishing e-mails in their in-boxes with the "Hello" greeting and the body of the message telling them to "Check 121.im" with "121.im" as the Web link that went to a fake Facebook page. Many of them logged in, giving their passwords.
"To combat these threats, we need users' help, too," Schnitt said. He said it is important for users to have an up-to-date Web browser that has strong anti-phishing features, such as Firefox 3.0.10 or Microsoft's Internet Explorer 8. (Msnbc.com is a joint venture of Microsoft and NBC Universal.)
Users should also make sure they're logging in from a "legitimate Facebook page with the Facebook.com domain," Schnitt said.