Free makeup scam spreads rapidly across Facebook


A scam targeting women on Facebook is spreading very rapidly across the social network, pretending to offer free makeup.

If you see a message like the following being posted by one of your Facebook friends, do not click on the link.


anyone want some free makeup? ive just ordered mine for free and i thought i would post it here before the offer runs out. its stuff like mac, maybeline, estee lauder etc! The site is: [LINK]

Of course, many women on Facebook might be tempted by the offer of free makeup and (without thinking about the possible consequences) click on the link, especially as it appears to have been shared with them by one of their online friends.

If so, they will find that they are taken through a sequence of pages which encourage them to give permission for a rogue application to access their Facebook profile.

Free makeup scam on Facebook


Once the third-party application has been given permission to access your Facebook information and post messages to your wall, you have walked straight into the scammers' trap.

Without your knowledge, they are already posting messages on your Facebook wall spreading the advert for the "free makeup" virally to others on the social network. They are even sending specific messages to your Facebook friends, encouraging them to also take advantage of the free makeup offer.

Here's what I saw when I deliberately permitted the application to access a test account I own on Facebook (which is only connected to other test accounts - I didn't want to pass it on to any real Facebook users!):

Free makeup scam on Facebook

As you can see, one of my "friends", Susan, has been deliberately targeted by the rogue application, which posted a message to my account referring to her. If Susan were a real person, she might well be tempted to click further for the free makeup offer.

So, why are the scammers doing this? Well, they want your real email address and phone number. They also want you to complete an online survey which will earn them some commission.

Free makeup scam on Facebook


Scams like this need to be killed off, but Facebook seems to be having a bad time stopping them at its end. What's needed is for more people to be skeptical about such offers, and to be suspicious whenever a third-party application asks for access to their profile without a legitimate need for it.

If you've been hit by a scam like this, remove references to it from your newsfeed, and revoke the right of rogue applications to access your profile via Account / Privacy Settings / Applications and Websites.

And don't forget to warn your friends about scams like this and teach them not to trust every link that is placed in front of them. You can learn more about security threats by joining the thriving community on the Sophos Facebook page.

Hat-tip: Thanks to Naked Security reader Dave for bringing our attention to this scam. If you have something that you'd like us to investigate, email us at tip@sophos.com


11 Responses to Free makeup scam spreads rapidly across Facebook

  1. Greg · 1411 days ago

    This make-up scam is not only being perpetuated by the chance at "Free Make-up", but also is being taunted as "click here to upgrade your Facebook profile page", just as Facebook IS rolling out the new look for your profile page, if you so desire it.

  2. Anonymous · 1411 days ago

    I've seen the same thing with the iPad.

  3. Soffio di Dea · 1411 days ago

    thanks :)

  4. I got caught out, I couldn't believe it when I knew! I saw some friends I thought I trusted enough post it just to find they'd been caught out too. I didn't do it at first because I was skeptical but the more people do it the more I lost the skepticism.

  5. canttellyoumyname · 1410 days ago

    I know how this method works and how facebook can't detect it... I've reported it to facebook but NO-ONE seems to listen.. I know the creators of this hole personally and they know even BIGGER exploits :/

  6. I *think* this scam might die down if EVERYONE reports the app as spammy! And finally tell all your friends posting this msg that THE APP IS FAKE!!!!!

  7. Terry · 1409 days ago

    This App is more serious than you guys make it out to be... the ad was able to get my home phone line and prank ring me. Weird thing is I did not give my number on their form, and neither is my number located on my Facebook page. They may have hacked into my computer or found some way to key log my credentials. This is very bad.

    • What did the phone call say? How did you associate it with the Facebook app?

      • Chris M · 1395 days ago

        I saw this application when it was flying around and I did some research into the offers.

        The offers are harmless and want information from you in order to later spam you. The offers do not belong to the person that owns this app, they are on every CPA network going. They also do not install malware on your system.

        Unless you handed over your number to them, there is no way they could call you. And I highly doubt multi million dollar advertisers have time to prank your phone.

        The calls are most likely unrelated and it's just a coincidence that they happened at the time this app was viral on Facebook.

  8. RadioRay · 1343 days ago

    "... want you to complete an online survey which will earn them some commission."

    Please explain how this survey lark works. What is the value to the people paying for surveys completed?

    • There are plenty of legitimate companies who have surveys or offers that they want to present to a large number of people on the internet - but are finding it hard to attract an audience.

      Other firms say, "We can help you with that!" and promise to use their network of affiliates to put the surveys in front of huge numbers of users. Of course, some of those affiliates might use some dodgy tactics - such as writing rogue Facebook applications.

      So that's how it works.


About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.