States in the USA, such as Vermont and New Jersey, are continuing to deal with heavy flooding in the aftermath of Hurricane Irene.
And we weren’t surprised to find internet scammers attempting to profit from other people’s misery.
For instance, here is a clickjacking scam which at the time of writing is still active on Facebook.
This Facebook page reads:
VIDEO SHOCK - Hurricane Irene New York kills All
All? Hmm... that would be a rather fanciful claim even for the most sensationalist tabloid report. But maybe it will be enough to make you click further.
BAM! Too late. You’ve been clickjacked. Even before you’ve had a chance to notice that the page is suddenly talking to you in Italian, the webpage has taken your click onto what you thought was the video’s play button and secretly behind-the-scenes tricked you into saying you “Like” the page – thus promoting it to your online Facebook friends.
If you were running an add-on like NoScript for Firefox you would have been protected by a warning message.
But let’s imagine that you weren’t protected. What happens next?
The page insists that you share the link to the Facebook page, presumably in an attempt to increase its viral spread. So far things don’t seem to be working well for the scammers – as only 12 people have said they “Like” the page (and one of those is my test account). Maybe folks are suspicious about a claim that Hurricane Irene has killed *everyone* in New York.
You’re still keen to watch the video, of course, but first the scammers want you to take an online survey – which not only asks you for personal information but also can earn them commission.
If you are hit by a scam like this you should remove the page from the list of pages that your Facebook profile likes, and remove it from your newsfeed, reporting it as spam to Facebook.
The good news is that this particular scam hasn’t become widespread, but many others do.
If you’re a Facebook user and want to keep up on the latest threats and security news I would recommend you join the Sophos Facebook page – where more than 100,000 people regularly discuss the latest attacks.
Messages are spreading rapidly on Facebook claiming to reveal a way to find out who has been secretly viewing your profile.
Here are a couple of examples:
Brilliant!! Now u can see all your profile stalkers! --> [LINK]
WOW!! I can't believe that you can see whose viewing your profile. I've just seen my top 10 profile peekers and I'm shocked on whose Viewing my Profile. You can also see whose viewing your FACEBOOK PROFILE HERE: [LINK]
Clicking on the links takes you to a splash screen for a rogue application, where the promise of discovering who has been viewing your Facebook profile fools you into giving a third-party application permission to access your account.
Want to see who views your Facebook profile?
This is amazing!
Now you can see who is viewing your profile and find out how many profile views you got. Just use our application and press button below and then Allow to analyze your Facebook profile!
Obviously you shouldn’t grant permission on the following screen for the application to access your Facebook profile, but an alarming number of users appear to have no qualms about exposing their confidential information and degrading their security in this way.
The problem is that this isn’t a legitimate application request. A rogue application wants access to your account so it can spread the messages and its link even further, spreading the campaign virally across the social network. The goal? To earn money by driving traffic to an online survey.
Notice that the survey presents itself in a convincing Facebook style, which may trick some users into believing that it is legitimate.
If you’ve been affected by this scam, you should clean up your account before any further damage is done.
I’ve made a YouTube video where I show you how to clean up your Facebook account if you were hit by this, or similar scams on Facebook.
Make sure that you stay informed about the latest scams spreading fast across Facebook and other internet attacks. Join the Sophos Facebook page, where more than 100,000 people regularly share information on threats and discuss the latest security news.
You could also do a lot worse than check out our best practices for better privacy and security on Facebook guide.
Continuing a trend we have been seeing over the last few weeks, a new Facebook scam using a sexually suggestive thumbnail is spreading like wildfire.
The scam is currently spreading on people’s walls using the title “This g1rl must be Out of her Mind but also a Genious for making This v1deo! – After they took her life away she decided to do genious revenge!” and “This woman must be really nuts but also a Genious for making This video! – They decided to ruin her life but she decided to hit them back!”
Since Facebook implemented their partnership with Web of Trust back in March, it appears the con artists are changing their URLs more frequently to prevent WoT from detecting the threat and warning users.
In the past 90 minutes, I have seen this scam use youpube-dot-info, youmube-dot-info and http://www.grimvh-dot-info. These URLs will likely be dormant by the time you read this and replaced with another set pointing at identical scams.
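Because the hostnames rotate faster than a per-domain reputation list can follow, one complementary check is to flag any hostname that sits within a small edit distance of a brand it imitates. The sketch below is an added example, not code from the original post; the brand list and the distance threshold are assumptions, and the inputs are the defanged hostnames quoted above.

```python
import re

# Assumed list of brands that scam domains imitate.
BRANDS = ("youtube", "facebook")

def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]

def site_label(url):
    """Label left of the TLD; accepts defanged '-dot-' and '[.]' forms.
    Naive about multi-part suffixes such as co.uk."""
    host = re.sub(r"^[a-z]+://", "", url.strip().lower()).split("/")[0]
    host = host.replace("-dot-", ".").replace("[.]", ".")
    labels = [part for part in host.split(".") if part]
    if not labels:
        return ""
    return labels[-2] if len(labels) >= 2 else labels[0]

def lookalike_of(url, brands=BRANDS, max_dist=2):
    """Return the imitated brand, or None for exact matches and unrelated names."""
    label = site_label(url)
    for brand in brands:
        if 0 < edit_distance(label, brand) <= max_dist:
            return brand
    return None

if __name__ == "__main__":
    for seen in ("youpube-dot-info", "youmube-dot-info",
                 "http://www.grimvh-dot-info"):
        print(seen, "->", lookalike_of(seen))
```

The third hostname is not flagged: a similarity check only catches names that imitate a known brand, so it supplements reputation data rather than replacing it.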
If you click on the post you are presented with the “Verify you are human” or “Are you older than 13 years of age? Click ‘Jaa’ button 2x to confirm and play video” popup screens. This leads you to a Facebook share dialog in Finnish where clicking “Jaa” means Share.
If you click Jaa twice you are ultimately led to a survey where the fraudsters earn a commission for every user who succumbs to the temptation of seeing the sexy video.
We see many scams spreading across Facebook every day, but some of them really make us lose our faith in society... and Facebook itself.
Here’s the latest scam that is spreading rapidly across the network.
ÖMG: BRÔTHËR rãpés hís sïstér -
Wâtch thîs shóckîng VÍDÊÕ! Shé wäs hurtïng fór dâys, ånd côuld nòt wãlk!
The most likely way that this scam is spreading is by users choosing to click on the link. Presumably they want to see a video of a man raping his own sister. (There are other ways that the message could be spreading – malware, secret clickjacking, etc – but knowingly clicking seems the most obvious).
That’s a pretty sick and sorry statement on society.
Users who do click on the links are tricked into sharing it further, and then complete an online survey that earns the scammers commission.
So, my faith in Facebook users is shaken a fair amount by scams like this.
But also, Facebook has to answer some important questions too.
Like, why can’t they stop scams like this more quickly?
Is it really beyond their ken to quarantine suspicious-looking status updates when they rapidly replicate across the network? Especially when the messages are using an ages-old spammers’ trick of using extended character sets (“Shóckîng VÌDÉÖ” instead of “Shocking VIDEO”) to try to bypass filters – which should itself ring loud alarm bells that something fishy is going on.
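The alarm bell described above can be made concrete: fold each status update to plain ASCII letters and flag it when a watched phrase appears only after folding, which means someone went out of their way to disguise it. This is an added example, not code from the original post or from Facebook; the watchlist and the digit-swap table are assumptions, and it also covers the "g1rl"/"v1deo" digit swaps seen in other scam titles.

```python
import re
import unicodedata

# Digit-for-letter swaps of the kind seen in "g1rl" and "v1deo".
LEET = str.maketrans("013457", "oieast")

# Hypothetical watchlist (an assumption); a real filter would load its own terms.
WATCHLIST = ("shocking video", "this video", "girl")

def fold(text):
    """Lower-case, strip diacritics, and undo digit swaps inside words."""
    decomposed = unicodedata.normalize("NFKD", text)
    plain = "".join(c for c in decomposed if not unicodedata.combining(c)).lower()

    def unleet(match):
        token = match.group(0)
        # Rewrite only tokens that mix letters and digits, so "13" stays "13".
        if re.search(r"[a-z]", token) and re.search(r"\d", token):
            return token.translate(LEET)
        return token

    return re.sub(r"\w+", unleet, plain)

def classify(text, watchlist=WATCHLIST):
    """Return (verdict, terms) where verdict is 'disguised', 'plain' or 'clean'."""
    raw, folded = text.lower(), fold(text)
    disguised = [t for t in watchlist if t in folded and t not in raw]
    if disguised:
        return "disguised", disguised
    plain = [t for t in watchlist if t in raw]
    return ("plain", plain) if plain else ("clean", [])

# Constructed sample set: two strings quoted in these posts, two benign controls.
SAMPLES = [
    "Wâtch thîs shóckîng VÍDÊÕ!",
    "This g1rl must be Out of her Mind but also a Genious for making This v1deo!",
    "Are you older than 13 years of age?",
    "Hyvää päivää kaikille",  # ordinary Finnish: accented, but nothing hidden
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(classify(sample), "<-", sample)
```

Keying on terms that surface only after folding, rather than on the mere presence of accents, keeps ordinary non-English posts from being flagged.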
If Facebook is going to be a safer, family-friendlier place for people to be then it needs to tackle highly offensive scams like this much more effectively. Currently it is falling far short of what most decent people would want to see in their newsfeed.
Of course, if you have fallen for the scam, it’s a good idea to remove all references to it from your Facebook page and warn your friends not to participate in it.
And if you see any of your friends with such messages on their wall, report them as spam.
If you use Facebook and want to get an early warning about the latest attacks, you should join the Sophos Facebook page where we have a thriving community of over 100,000 people.
If you have an opinion on Facebook’s response to scams on their social network, why not leave a comment below?
The following messages are currently appearing very rapidly. We’ve had to obscure the thumbnails as many people will find them disturbing.
Here’s what the messages typically say:
[Video] - This is what Happend to his Ex GirlFriend!
Play Video! She could not walk properly for days!
Look what he did after her Ex girlfriend posted on his wall
lol What true pain both are having at this moment.?
Of course, there are people out there who find such links too tempting to resist. Here’s what they’ll see when they click on the link.
The victims probably don’t realise that “Jaa” is Finnish for “Share”, and they’re helping the scam spread to their online Facebook friends. Typically such scams end up with you being taken to an online survey that will earn the scammer money.
Can I respectfully suggest that if you keep falling for scams like this, you try and get your kicks elsewhere on the internet? There’s plenty of photos and videos of naked ladies out on the web which you can peruse at your leisure, without the risk of flooding the newsfeeds of your Facebook friends.
I’ve informed Facebook Security about this latest fast-spreading family of scams. Let’s hope they can take swift and decisive action so their users are no longer at risk.
If you got hit by this scam, make sure you have removed the entries from your news feed (to stop them being shared amongst your friends) and check that your profile does not have any unwanted “Likes” under your “Likes and interests”.
If you use Facebook and want to get an early warning about the latest attacks, you should join the Sophos Facebook page where we have a thriving community of over 90,000 people.