Last Thursday, I wrote about Facebook Likejacking. Today, similar pages were brought to my attention. They use Likejacking to spread through user profiles using much more aggressive spam techniques.
The pages looks like they come from Facebook. The teaser is a video that should be watched “only if you are 16 or older”. The play button hides a Facebook Like widget.
 |
| Spam page looking like Facebook |
Before the user can play the video, he must either verify that he is at least 18, or that he is a human … by filling out surveys, trying games, etc.! The spammers are paid for each action taken by the user (PTC campaign).
 |
| “Security check”: the user must fill out a survey |
|
|
If you stay on these pages long enough, they will attempt to send a form on your behalf. Fortunately, Firefox throws a warning.
 |
| Firefox prevent the automatic POST |
acidattacker.com shows a Facebook page and a Youtube page with the same content.
 |
| Fake Youtube page from spammers |
These spam pages can be found at:
- hxxp://bnltwo.info/video2/
- hxxp://acidattacker.com/
– Julien
Related Posts
- Facebook comment-jacking? OMG! I Can’t believe JUSTIN Bieber did THIS to a girl
It's starting to seem like Facebook can't win against those who wish to use their service to scam, spam and simply cause trouble. Over the last day or so, a new type of attack has been spreading using... - Malicious Spam on the increase again
Malware distribution via email is far from dead. While we had a distinctly quiet period from October 2010 to March 2011, our stats show the bot herders are gearing up again with the proportion o... - Cyber Crooks All Set to Crash the British Royal Wedding
As we have seen with many major events in the past, news of the British Royal Wedding is currently being used by cyber criminals to bolster their spam campaigns and push rogue antivirus software throu... - Malware spammed out as “FaceFacebook Support”.
Another Facebook spam mail pretending that your password is not safe, currently circulating on Internet. The subject is: FaceFacebook Support. Personal data has been changed!ID55733. The email comes w... - New spamvertized campaign theme
The wave of United Parcel Service, DHL Global and Post Express Office spam - which has been so prolific and leading to scareware infections - changed to Bobijou Inc. over the Easter weekend.Howe... - “Download photoalbum” another variant of “i got u surprise”
Previously we have written about the "i got u surprise" spam trojan on Facebook. And today, we still discovered another variant. This time, the message that is received by the victim is only "u?" and ... - Anger after scam-exposing community shut down by Facebook
In a bizarre and hard-to-understand move, a Facebook page which claims it helped countless Facebook members stay safe online on the social network has been shut down... by Facebook.
The Bulldog Estate... - How to report a Facebook scam
At some point in your life, one or several of the Facebook scams out there might affect you enough to look for ways on how to report them and go on a vendetta rampage against the scam creator. I... - shocktube.info is a scam!
Beware, this site was reported involved with a scam and Likejacking activity. The spam was spread on Facebook, with a message like this:
UNFASSBAR! ... Ich hab jeden Respekt vor Miley Cyrus verlore... - Facebook scam “My Top 10 stalkers” targets users in specific countries
A new spam campaign, similar to campaigns we have seen in the past, is spreading on Facebook. This one, however, has some interesting twists to it. The core of the campaign in...
Posted on 16 March 2011. Tags: 'likejacking', Facebook, Phishing, Spam
The above information is reprinted from and copyrighted © by Zscaler.
One Response to “Facebook Likejacking, phishing and spam”
Trackbacks/Pingbacks
[...] Like-Phising has died out, and now another form of spam has emerged to take it’s place — auto-likes. [...]