Facebook under attack... Again

Filed Under: Data loss, Facebook, Privacy, Social networks, Spam

Another scam is making the rounds on Facebook trying to take advantage of users' curiosity. It is spreading on people's walls with the subject "OMG! Her boyfriend dies in her arms right before her eyes. The car hits them while they kiss. It's heartbreaking. You must see this: http://bit.ly/CENSORED".

Screenshot of lure in Facebook attack

This attack follows the well-established pattern of directing you to an application that wants permission to post to your wall and access all of your data. The application is called "Drive Safely," which is good advice, but I am not sure these are the people you want giving you advice...

Screenshot of permissions requested in Facebook attack

Once you allow the application to continue it then posts the message to your wall again so all of your friends will see it, and provides an image of a fake YouTube-like movie. Once you click the movie to see this "heartbreaking" moment it directs you to a series of quizzes. This is almost a carbon copy of the attacks Graham has been documenting for months.

Facebook scam survey

As of this time at least 400 people have clicked through to this scam and it is spreading like wildfire on people's walls. If you are a Facebook user and would like to stay abreast of the latest security information, I invite you to join our Facebook group, where we publish advisories on all the latest threats and scams.

Thanks to Facebook user Monie Wells for the top about this new attack.

Update: I have received confirmation from bit.ly that they are now blocking the bit.ly shortened links that connect to this application. Thank you to Rex at bit.ly for the fast response!

, ,

You might like

4 Responses to Facebook under attack... Again

  1. rebecca creal · 1426 days ago

    how do you stop it?

    • Remove all references to the scam from your profile (so it can't be shared further with your online friends), and check your Facebook applications settings to ensure any rogue applications have had their access to your profile revoked.

  2. guest · 1423 days ago

    be smart and dont use applications on facebook! turn off your instant personalization on the privacy settings page

  3. Guest · 1410 days ago

    As of December 2010 this app is still active.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Chester Wisniewski is a Senior Security Advisor at Sophos Canada. He provides advice and insight into the latest threats for security and IT professionals with the goal of providing clear guidance on complex topics. You can follow Chester on Twitter as @chetwisniewski, on App.net as Chester, Chester Wisniewski on Google Plus or send him an email at chesterw@sophos.com.