My 1st St@tus scam hits Facebook users hard, spreads virally

Filed Under: Facebook, Rogue applications, Social networks, Spam

Thousands upon thousands of Facebook users have been hit by a new survey scam spreading virally across the social network.

Messages claiming to be users' first ever Facebook status updates are being posted on users' walls by a rogue application, designed to earn revenue for the scammers behind the attack.

Here's what some typical messages look like:

My 1st St@tus

My 1st St@tus was: "[random message]". This was posted on [random date]

Find your 1st St@tus @ [LINK]

Other versions read:

My 1st status was: '[random message]' Posted on [random date]

Find out what your 1st status is at [LINK]

If you click on the link you are taken to a rogue Facebook application, which asks you to give it permission to access your profile, which includes giving it the ability to post from your account in your name.

My 1st St@tus

Sadly, many people are all too quick to give permissions to rogue applications like this free reign to their Facebook account - allowing scams like this to spread rapidly and virally between Facebook friends.

If you are foolhardy enough to continue, you are taken to a webpage which contains a survey. This is where the scammers behind the scheme make their money.

My 1st St@tus

Every survey which is completed earns them some commission. In some cases they might also ask for your mobile phone number in order to sign you up for an expensive premium-rate service.

And you? Well, you'll find that the rogue application has meanwhile taken the opportunity to post a message on your Facebook page, which is now being seen by all of your online friends. When I deliberately infected a test account with the rogue application it got my first status message incorrect, as well as the date that I first posted to the Facebook account.

My 1st St@tus

So, in other words, it's a complete confidence trick. It doesn't tell you your first status message on Facebook - and it's only intention is to drive as many people as possible into sharing the link (which can vary - we have seen several examples) further and further across Facebook, earning the scammers money.

Regular readers of the Naked Security site will be all too familiar with survey scams and rogue applications, and realise the dangers in allowing an app written by unknown third parties to access their Facebook profile. But there are plenty of others out there on Facebook who are still oblivious to scams like this.

Here's a YouTube video where I show you how to clean-up your Facebook account if you were hit by this, or similar scams:

(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)

Keep your wits about you and stay informed about the latest scams spreading fast across Facebook. One of the best ways to do that is to join the Sophos Facebook page, where a 100,000-strong community is regularly sharing information on threats and discussing the latest security news.

, , ,

You might like

13 Responses to My 1st St@tus scam hits Facebook users hard, spreads virally

  1. Kathy · 1363 days ago

    I am sure many will fall for this..ugh!

  2. I've just been pinged by a very similar looking scam application that claimed to be from facebook and was a link to set up the new @facebook.com email address! Exactly the same MO...to prove I was human I had to complete a survey! I deleted it immediately but not before it bombarded my whole friends list with with a very tempting link to dupe them as well! GGrrr!!!!

  3. Thanks for the post. I have shared it with my friends.

  4. badgermadge · 1363 days ago

    i didn't even do the survey and it's posted!

  5. Lucrezia · 1363 days ago

    I - uncharacteristically - clicked on the link, but saw a different Request for Permission page. It was suspicious so I didn't click further, but closed ALL open windows via ALT-CTRL-DEL. Nevertheless, a survey window popped up - closed *that* the same way, but the next time I logged onto FB, my status had been changed. (I notified the friend whose link originally led me there, and he says that he didn't give permission for the ap at all either). Posted a warning message on my status myself, and then delted the ap within my account settings. Lesson well and truly learned!

    • There are a host of different rogue applications being used by the scammers in this campaign, so it may not match the screenshots in my article precisely.

      We're also seeing variations in the wording. For instance "Status" rather than "St@tus" and other differences.

      The number of Facebook profiles that seem to have been affected is astonishing.. Sigh..

  6. teresa louise wright · 1363 days ago

    I never, ever click these links & would NEVER do a survey online!!!! Have posted on my profile as a good few of my friends have already used this app!!!!

  7. Cindy Pealo · 1362 days ago

    I saw a status like this just posted on one of my friends status and it disappeared real fast. My friend wasn't even online when it happened.

  8. clickerbug · 1362 days ago

    I clicked. It looked like some of the harmless apps that went around last year at this time and I thought I could trust it. And the window that pops up to give the app permissions is exactly the same as every other legit app, isn't it? It's a facebook policy to have apps ask permission to dig into your personal information ... how else is it going to read your statuses and post on your wall?

    So are you saying we should *never* trust a third party app?

    Anyway, I know enough about what to do after that to back right out of this one. A survey came up, cluing me into the rogue app, so I backed out of the page and went straight for my profile to take care of the message that I was sure was there. And no, it wasn't my "first status", it was the same one as the girl whose link I clicked on in the first place.

    So I posted a comment to the status "DON'T CLICK ON THIS, IT'S A SCAM!" (in case it posted to the news feed of my friends) and then deleted it off my page, then went to the apps page and deleted the app.

    No harm done other than a few wasted minutes, right?

  9. himadridimri · 1362 days ago

    Even I fell for it and later discovered that this was a Spam. Phew but thank god it doesnt spread on its own and not like 'father killed daughter' types.

  10. Swirl · 1352 days ago

    erm.. i dont know what account you used but first you broke the facebook terms by creating a 'testing' account. I used this app and i've only recently joined Facebook and this worked like a charm and posted my first status (I was able to scroll down because i haven't been on that long).

    I think you may need to adjust this abit... if you read the small text it also says it only works on some accounts (I assume new accounts?).

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.