About Me 0074: Making Money Scam

A new scam is spreading rapidly across Facebook, using rogue applications to post spam messages onto users' profiles claiming to be a way of discovering the total number of times your Facebook profile has been viewed.

The following YouTube video explains more:

Tens of thousands of users have been tricked into clicking on the messages.

My total facebook views are: XXXX

Find out your total profile views

The number of "views" shown each time changes, and there are a number of different links being used, but all of them point to rogue applications which trick you into allowing them to access your Facebook page and profile:

And as soon as you click on "allow", the scammers have you by the short-and-curlies. Behind the scenes, they are already posting messages which can be seen by your Facebook friends.

Plenty of people may want to know how many times their Facebook profile has been viewed (some may regard it as a badge of honour, rather like collecting followers on Twitter, or connections on LinkedIn) but this application is making the number up.

How do I know? Well, the test account I used to research this particular rogue application is friends with no-one, and isn't found in a Facebook search. I hardly think that it's true that it's been viewed over 3645 times..

But, of course, if your friends see "you" posting a message like that on Facebook they may well be tempted to find out their score for veiwers themselves, and click on the link and approve the application. And thus the rogue application spreads virally across Facebook.

So, what's the intention of all this? Well, if you do allow the rogue app to access your profile and post to your Facebook page then you'll next be taken to the webpage which claims it will calculate the number of people who have viewed your profile.

But first, they want you to complete a survey.

The scammers make money every time one of these surveys is completed. They're simply using the draw of a mythical Facebook view count to lure in the unwary and get as many people as possible to click on their links and take their surveys.

If you've been affected by this scam, you should clean up your account before any further damage is done.

I've made a YouTube video where I show you how to clean-up your Facebook account if you were hit by this, or similar scams on Facebook:

(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)

Make sure that you stay informed about the latest scams spreading fast across Facebook and other internet attacks. Join the Sophos Facebook page, where more than 50,000 people regularly share information on threats and discuss the latest security news.

The topic free iPhone is spreading wildly on Twitter right now, thanks to a massive spam campaign. A whole raft of shortened links from a whole range of link-shortening services are used in the bogus tweets - these redirect to a variety of shonky money-making sites.

This sort of activity often flies under the banner of "affiliate marketing". Sadly, this is sometimes a euphemism for a site which aims to make money out of other people by unholy means.

A better banner for this sort of site might be: "A web page with links alluding to offers from major brand names, which in turn lead you to survey sites or online product pitches unrelated to those major brands, from which the owner of the original link earns commission." The major brands earn nothing. Indeed, they aren't involved at all, other than to "lend" their name unknowingly to the exercise.

In this latest Twitter storm, many of the accounts seem to have been set up just for the purpose of short-term spamming. This sort of account is often very obvious: it was set up recently, has no followers and no-one following it, and has never posted enything personal, or even moderately human-like. Such accounts easily fail the Turing test.

Other accounts involved in this spam campaign appear to be genuine accounts, typically little used - perhaps set up in a fit of enthusiasm for Twitter, only to be abandoned by the sort of user who never quite reaches the level of self-importance to keep up the effort of sending 140-character sound-bites about the trivia of his life. These accounts are more believable, because they have at least a small amount of history, a few followers, and some personal-sounding posts.

What can we learn from this? And if we're sysadmins - or even just concerned friends and family - with a sense of responsibility for others, what advice can we give?

Here are some suggestions:

* Imagine a wise old owl on your shoulder, asking you questions. HAVE YOU EVER MET ANYONE WHO WON A FREE IPHONE OR IPAD ONLINE? HAVE YOU EVER EVEN HEARD A BELIEVABLE STORY OF SOMEONE WHO DID? DID YOU EVER GET THAT MONEY FROM THE GHANAIAN PRINCELING? (I thought not.)

* Remember the phrase "bait-and-switch". If you see a link which promises you a free iPhone (the bait), the details and conditions explaining exactly how you win, and what chance you have of winning, should appear clearly, believably and honestly as soon as you click the link. If they do not, it's a trick (the switch).

* If you have old accounts for services you no longer find interesting, or don't use much any more, don't just abandon them. Close them down. Genuine accounts to which you don't pay much attention are valuable commodities on the cybercriminal underground. They have credibility which freshly-created accounts do not, and you probably won't notice they been taken over.

* Watch the video made by Naked Security's irrepressible Graham Cluley on how to choose a strong password.

(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like.)

bench craft company credit card

About Me 0074

Tuesday, February 15, 2011

Making Money Scam

Small Business <b>News</b>: Happy Valentine's Day!

CBS <b>News</b> reporter Lara Logan sexually assaulted in Egypt - From <b>...</b>

CBS <b>News</b>' Lara Logan in hospital after sexual assault in Egypt <b>...</b>

Small Business <b>News</b>: Happy Valentine's Day!

CBS <b>News</b> reporter Lara Logan sexually assaulted in Egypt - From <b>...</b>

CBS <b>News</b>' Lara Logan in hospital after sexual assault in Egypt <b>...</b>

Small Business <b>News</b>: Happy Valentine's Day!

CBS <b>News</b> reporter Lara Logan sexually assaulted in Egypt - From <b>...</b>

CBS <b>News</b>' Lara Logan in hospital after sexual assault in Egypt <b>...</b>

Small Business <b>News</b>: Happy Valentine's Day!

CBS <b>News</b> reporter Lara Logan sexually assaulted in Egypt - From <b>...</b>

CBS <b>News</b>' Lara Logan in hospital after sexual assault in Egypt <b>...</b>

Small Business <b>News</b>: Happy Valentine's Day!

CBS <b>News</b> reporter Lara Logan sexually assaulted in Egypt - From <b>...</b>

CBS <b>News</b>' Lara Logan in hospital after sexual assault in Egypt <b>...</b>

Small Business <b>News</b>: Happy Valentine's Day!

CBS <b>News</b> reporter Lara Logan sexually assaulted in Egypt - From <b>...</b>

CBS <b>News</b>' Lara Logan in hospital after sexual assault in Egypt <b>...</b>

Small Business <b>News</b>: Happy Valentine's Day!

CBS <b>News</b> reporter Lara Logan sexually assaulted in Egypt - From <b>...</b>

CBS <b>News</b>' Lara Logan in hospital after sexual assault in Egypt <b>...</b>

Small Business <b>News</b>: Happy Valentine's Day!

CBS <b>News</b> reporter Lara Logan sexually assaulted in Egypt - From <b>...</b>

CBS <b>News</b>' Lara Logan in hospital after sexual assault in Egypt <b>...</b>

Small Business <b>News</b>: Happy Valentine's Day!

CBS <b>News</b> reporter Lara Logan sexually assaulted in Egypt - From <b>...</b>

CBS <b>News</b>' Lara Logan in hospital after sexual assault in Egypt <b>...</b>

No comments:

Post a Comment