Girl's sexy Facebook video is disguise for survey scam

Filed Under: Facebook, Rogue applications, Social networks, Spam

Earlier this month I wrote about a scam spreading virally on Facebook that posed as a video of a father catching his daughter on a webcam.

A new version of the scam is now spreading with a slightly different disguise. As a lot of people seem to being affected by it (haven't folks learnt by now about these scams?) it seems worth documenting.

The first thing you will probably see is one of your Facebook friends posting a message like this:

OMG!!!! Girl Caught by Dad While Making Video on Facebook
OMG!!!!! Girl Caught at Home --> <link>

Other versions may say:

OMG!!!!! Girl Caught by Dad While Making a Sexy Webcam Video --> <link>

Clicking on the link isn't such a wise idea. You'll be taken to a webpage called "Dad Catches Daughter Making A Sexy Webcam Video".

To try to reassure that all is safe, you the hackers have placed a message on the page saying

"Facebook has marked this application as safe"

with a reassuringly green tick next to it.

But don't be fooled by such elementary tricks, this is definitely a scam, and the next page attempts to trick you into giving the third party application access to your Facebook profile, post to your wall, access information about your friends, and even hand over permission for it to spam you in future.

Despite all the warnings, millions of people have proved themselves in recent months to be susceptible to scams like this, such is their desire to view lurid videos of football sex cheats or learn how to find out who has blocked them on Facebook.

If you do click further you'll be presented with a revenue-generating survey (which makes money for the people behind the Facebook application), before you finally get to watch a rather silly YouTube video.

Of course, if you really want to watch the video you could just go to YouTube. You don't have to allow complete strangers access to your Facebook profile or complete a survey which makes them money.

Let me make a guess here. You don't want rogue Facebook apps like this to be able to access your profile, right? :) So go into your settings and revoke their access before they can do any more harm. Also, warn your friends about the threat, as it's quite possible you have shared the link with them.

I've informed both Facebook and bit.ly (the short url service being used in the links) about this threat. Bit.ly has responded and have shut down the link - although, of course, it's perfectly possible that the scammers could start using another one.

Here's a YouTube video where I show you how to clean-up your Facebook account if you were hit by this, or similar scams:

(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)

If you want to learn more about security threats on the social network and elsewhere on the internet, join the Sophos Facebook page.

Do you think Facebook is doing enough to stamp out survey scams like this, or is it the fault of the Facebook users themselves? Let us know what you think by leaving a comment below.

, , ,

You might like

4 Responses to Girl's sexy Facebook video is disguise for survey scam

  1. THOD · 1348 days ago

    a new one going now seems to have an even younger girls, around 10-12 years old....still a scam and it says " OMG!!!! DAD CATCHES DAUGHTER MAKING A SEXY WEBCAM VIDEO"

  2. Adrian · 1240 days ago

    Is Facebook able to shut down a scam app across the entire network in one go or do all of its users have to do it on their accounts one at a time?

    • Facebook can shut down apps if they want to.

      However, it's relatively trivial under the current system for the bad guys to introduce another incarnation of a scam app under a different name. To my mind, it would be good if Facebook policed this better.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.