A new spam campaign, similar to campaigns we have seen in the past, is spreading on Facebook. This one, however, has some interesting twists to it.
The core of the campaign involves a Facebook app that claims to know who your “Top 10 stalkers” are. Our customers are protected from this campaign by ACE, our Advanced Classification Engine.

The app works by creating an album – “My Top 10 stalkers” – with the description “Check who views your profile @,” followed by a bit.ly URL-shortened link. It then automatically uploads a photo to the app and tries to tag all the user’s friends in the photo.
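The album title, description text, shortened link and mass tagging described above can be combined into a simple feed-filtering heuristic. The following is an added example, not code from this post or from ACE or Defensio; the record layout (title, description, friend_count, photos/tags), the 0.8 tagging threshold and the sample records are assumptions made for illustration.

```python
import re
import unicodedata
from urllib.parse import urlparse

# Lure strings quoted in this post; bit.ly is the only shortener the post names.
LURE_TITLE = "my top 10 stalkers"
LURE_DESC = "check who views your profile"
SHORTENERS = {"bit.ly"}
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)

def _norm(text):
    """Fold case, Unicode compatibility forms and runs of whitespace."""
    text = unicodedata.normalize("NFKC", text or "")
    return re.sub(r"\s+", " ", text).strip().lower()

def score_album(album, tag_ratio_threshold=0.8):
    """Return (score, reasons) for one album record (hypothetical dict schema)."""
    reasons = []
    if LURE_TITLE in _norm(album.get("title")):
        reasons.append("lure album title")
    desc = _norm(album.get("description"))
    if LURE_DESC in desc:
        reasons.append("lure description")
    # Compare parsed hostnames, not substrings, so "notbit.ly.example" does not match.
    hosts = {(urlparse(u).hostname or "") for u in URL_RE.findall(desc)}
    if hosts & SHORTENERS:
        reasons.append("shortened link in description")
    # Mass tagging: the most-tagged photo names nearly every friend of the owner.
    friends = album.get("friend_count", 0)
    tagged = max((len(p.get("tags", [])) for p in album.get("photos", [])), default=0)
    if friends and tagged / friends >= tag_ratio_threshold:
        reasons.append("photo tags nearly all friends")
    return len(reasons), reasons

# Constructed sample records, not captured data.
SAMPLES = [
    {"title": "My Top 10 stalkers",
     "description": "Check who views your profile @ http://bit.ly/EXAMPLE",
     "friend_count": 10, "photos": [{"tags": list(range(10))}]},
    {"title": "Holiday 2011", "description": "Beach photos",
     "friend_count": 200, "photos": [{"tags": [1, 2]}]},
]

if __name__ == "__main__":
    for a in SAMPLES:
        print(a["title"], score_album(a))
```

A record that hits several indicators at once is a much stronger signal than any single one, since shortened links and heavily tagged photos are both common in legitimate posts.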

The bit.ly link redirects the user to a page that uses JavaScript to determine the geographical location of the computer based on its IP address. The page then redirects users located in specific targeted countries to the Facebook app in an attempt to further spread the infected link. The campaign is targeted at Facebook users in the United States, Canada, United Kingdom (including a specific target for Great Britain), Saudi Arabia, Norway, Germany, Spain, Slovenia, Ireland, and the United Arab Emirates.

At the time of writing, hackers have switched to using a new app. The first illegitimate app was deleted by the Facebook security team. Both apps use exactly the same mechanism to post spam profile messages in Facebook. Whether or not the JavaScript sends the browser to the Facebook app based on the computer's location, all users are ultimately redirected to a scam page that tries to lure them into completing several fake surveys. Hackers use this method to try to collect personal information such as the user’s home address, e-mail address, or phone number.

If the user tries to navigate away from the page or close the browser, a message appears asking them to stay and complete a “SPAM-free market research survey to gain access to this special content.” Special it may sound, but it is definitely not spam-free!
As always, if a page forces you to Like, Share, or install an application in order to view it, DON’T DO IT! Chances are, it’s spam.
Install Defensio, our free security app for Facebook, to prevent scams like this from ever appearing in your news feed.