While much attention is focused on Facebook scams and trojans involving Osama bin Laden's death, Facebook users should be aware of another new way scammers are spreading links to rogue sites. They have begun to circulate convincing links claiming to be stories from Wired News about the iPhone 5. This scam takes advantage of Facebook’s new social plugin for websites that allow for comments, M86 Security Labs reports.
If a Facebook user clicks on the link, the user is instead sent to a random .info site. M86 says it has documented over 10 of these sites for this particular scam. Once there, the user is asked to answer a CAPTCHA-like verification form, such as "what is 3 + 2?", but the user is not allowed to see the info typed in response. Once the user answers, this "actually results in the user leaving a comment for the .info website through the use of the Facebook social-plugin layer for comments," says M86.
OK, many users might fall for this so far, but the funky thing here is that the user is then asked to download a file such as "videogameboxinstaller.exe" which tries to convince people to agree to install it because it will let them "like" anything on the Web. Naturally, the file also installs other software which allows the application to serve the user adware. It then tries to convince the user to sign up and send in money to become an "affiliate member."
The good news is that the file may be blocked by at least some antivirus software programs, as the files used tend to belong to a known family of malware dubbed Adware.Yontoo.
While it may seem obvious that downloading software from a Facebook link is a Very Bad Idea, and no one should do it, M86 says that it tracked at least 100,000 clicks to the few fake .info sites it was tracking, which helps propagate the scam and increase exposure to the rogueware.
The Osama bin Laden scam falls more in line with what antivirual maker AVG reports is the typical Facebook scam. These center on a link to a seedy video, in this case one that claims to show bin Laden's dead body. If a user clicks, the user is sent to a site that offers a survey and then wants to text the results to a cell phone. The fine print says that the user now agrees to pay $10 a month on the user's cell phone bill. On top of that, sometimes scammers throw in some pure clickjacking malware where users are asked to click a button which is actually a Like button hidden by a transparent GIF. The video then shows up in the user's news streams as a "liked" video.
According to a report issued in April by AVG, "Last year, we used to see an average of one such campaign per week, usually running on weekends, and usually netting 200k-300k victims, but this has now accelerated to a fresh campaign every other day or so."
Facebook, for it's part, doesn't seem to be letting these scams run rampant, but is blocking them when it becomes aware of them. The best solution for Facebook users is to know that legitimate websites don't make their readers answer CAPTCHA questions or take a survey just to read a story or watch a video.
Ugh, all of these scams; when are people going to learn how to notice and avoid them?
"The future starts with you; now start posting more!"
My name is Jennifer and I am the marketing coordinator for Theme Your World LLC, the company that owns the PageRage software. For clarification, Theme Your World LLC is not complicit in this scam activity, rather, the scammers are using the company’s PageRage software and its affiliate program in order to make money off of unsuspecting Facebook users.
We have investigated this issue and have taken the corrective action against the affiliate. They have been shut-down.
Theme Your World LLC
NEWS TIPS |
This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or hisassociates. All products and trademarks are the property of their respective owners. All content and graphical elements areCopyright © 1999 - 2013 David Altavilla and HotHardware.com, LLC. All rights reserved. Privacy and Terms