An ongoing phishing campaign has been found to carry additional malicious cargo.

"A currently ongoing Facebook phishing campaign is not only attempting to phish fresh Facebook accounting data, but is also serving client-side exploits through a copycat web malware exploitation kit known as the Phoenix Exploit Kit," writes ZDNet's Dancho Danchev.

"[Ensure] that you put basic security auditing practices into action -- such as least privilege accounts; sandboxing; client-side flaws patching, and a well configured NoScript for Firefox users," Danchev advises.

Click here to read the ZDNet article.