A scam targeting women on Facebook is spreading very rapidly across the social network, pretending to offer free makeup.
If you see a message like the following being posted by one of your Facebook friends, do not click on the link.
anyone want some free makeup? ive just ordered mine for free and i thought i would post it here before the offer runs out. its stuff like mac, maybeline, estee lauder etc! The site is: [LINK]
Of course, many women on Facebook might be tempted by the offer of free makeup and (without thinking about the possible consequences) click on the link, especially as it appears to have been shared with them by one of their online friends.
If so, they will find that they are taken through a sequence of pages which encourage you to give permission for a rogue application to access your Facebook profile.
Once the third party application has been given permission to access your Facebook information and post messages to your wall, you have walked straight into the scammers trap.
Without your knowledge, they are already posting messages on your Facebook wall spreading the advert for the “free makeup” virally to others on the social network. They are even sending specific messages to your Facebook friends, encouraging them to also take advantage of the free makeup offer.
Here’s what I saw when I deliberately permitted the application to access a test account I own on Facebook (which is only connected to other test accounts – I didn’t want to pass it on to any real Facebook users!):
As you can see one of my “friends”, Susan, has been deliberately targeted by the rogue application which posted a message to my account referring to her. If Susan were a real person she might well be tempted to click further for the free makeup offer.
So, why are the scammers doing this? Well, they want your real email address and phone number. They also want you to complete an online survey which will earn them some commission.
Scams like this need to be killed off, but Facebook seems to be having a bad time stopping them at its end. What’s needed is for more people to be skeptical about such offers, and always be suspicious whenever a third party application requires to access their profile without a legitimate requirement.
If you’ve been hit by a scam like this, remove references to it from your newsfeed, and revoke the right of rogue applications to access your profile via Account/ Privacy Settings/ Applications and Websites.
And don’t forget to warn your friends about scams like this and teach them not to trust every link that is placed in front of them. You can learn more about security threats by joining the thriving community on the Sophos Facebook page.
Hat-tip: Thanks to Naked Security reader Dave for bringing our attention to this scam. If you have something that you’d like us to investigate, email us at tip@sophos.com
