Girl who had sex with 5000 men exploited by sleazy Facebook scammers

Filed Under: Clickjacking, Facebook, Social networks, Spam

Earlier this month, the (appropriately named) Daily Mail ran a story about a British woman who claims to have slept with 5000 men over the course of the last nine years.

So far, so tabloid.

Earlier today, however, a member of the Sophos page on Facebook informed me of a suspicious page he had found on the site, which appeared to be exploiting the rather grubby story of the young woman's busy sex life.

Girl who had sex with 5000 men Facebook page

If you visit the "Girl who had sex with 5000 men" Facebook page you are first presented with a "Security Check" which asks you to confirm that you are over 18 years of age because some of the content may contain "shocking graphics, nudity or disrespect other individuals."

From the look of the warning you may imagine it is a real Facebook warning - but it isn't theirs. It belongs to the people who are attempting to trick you into liking the page and - presumably - they believe a warning about the possibly salacious nature of the following content may encourage you to venture further into their web.

The next warning goes one stage further, claiming to be a means of checking whether you are a spam bot or not.

 title=

In fact, unbeknownst to you, if you click on the numbers in the order that the warning suggests you are being invisibly clickjacked. The clickjacking attack secretly updates your Facebook profile to say that you like the page, as well as another one entitled "Why are you complaining about pervs adding you if you have slutty pictures?"

Thousands of people have already "liked" the pages.

 title=

And do you get to see any material that contains "shocking graphics, nudity or disrespect other individuals"? Nope. Well, not unless you believe that original Daily Mail news report to be disrespectful.

Scams like this are designed to get you to forward links to your friends, and encourage others to join groups and pages. Of course, once a large audience has been built up by the scammers they can use it for mischievous ends, or potentially send out a dangerous link or update designed to compromise your computer or earn money from your poor security.

I've informed Facebook of this latest scam, and hopefully they will shut it down shortly. But it won't be long before others pop up to take its place.

Everyone must take more care when they're online as right now we're all making it too easy for the scammers and cybercriminals to spread their attacks. Over 20,000 people have already joined the Sophos page on Facebook to be kept informed of the latest security threats - if you're a user of Facebook, maybe you should join them too?

By the way, if you haven't worked it out yet. Another way of describing 5000 men in nine years is 5000 men in just 3,285 days. Yes, quite.

, , , , ,

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.