Spam attack hits Facebook's own Help Center

Filed Under: Facebook, Social networks, Spam

Facebook Help CenterThe community forum on Facebook's Help Center has become overrun by spammers, making the self-help support community effectively useless.

The spam messages, which at the time of writing are claiming to offer ways to watch live streaming video of American football games, appear to have been posted by bogus or compromised Facebook accounts.

Spam messages in Facebook's help center. Click for larger version

Clicking on the links typically takes you to a webpage which asks you to hand over your email address, claiming that you will be sent a program that will allow you to watch live streaming video of football games. The potentials for abuse or malicious attack are obvious - and we would recommend that no users click on the links.

The alarm was first raised about the spam attack by the
unofficial Facebook privacy and security blog. Hours later, new spam messages are still appearing on the Facebook Help Center.

Could it be that the spammers are taking advantage of the Thanksgiving holiday weekend, when Facebook's security team may be more lightly staffed than normal?

Certainly it's embarrassing for the social networking website to have one of its own pages hit so significantly by spammers, when it has recently been lauding its achievements in the fight against Facebook spam.

Snippet of Facebook security infographic

With approximately 800 million users on Facebook, spammers will continue to seek out holes in the site's armour and try to trick the unwary into clicking on their links. To have the best chance of success, Facebook needs 24 x 7 protection, every single day of the year, and to raise awareness of the risks amongst its userbase.

Make sure that you keep informed about the latest scams spreading fast across Facebook and other internet attacks. Join the Sophos page on Facebook, where over 150,000 people regularly share information on threats and discuss the latest security news.

Hat-tip: The unofficial Facebook privacy and security blog.

, ,

You might like

6 Responses to Spam attack hits Facebook's own Help Center

  1. Ron Powers · 972 days ago

    I appreciate all the warning info that Facebook itself should be making public to it's users.For not for Sophos I & others would not be aware of the dangers facebook provides us.Thank you Sophos & keep up the great work.

  2. M R · 971 days ago

    Sophos is a priceless resource that I wish more people knew about. Facebook kind of sucks in a lot of ways, but until someone builds a better social networking site, FB is it. With that status comes all of the attacks, and everyone should be very wary about what the click on and where they go.

  3. Robert Gracie · 971 days ago

    I have seen this American football horses*** on a different site's forum page that I moderate on, but still why do people spam post this stuff is it as a bad joke or just trying to be foolish I shall never know why people do this stuff it should be illegal to do something like this!

    • WKTB · 855 days ago

      I think often the link that is in those posts goes to Questionable sites that really have nothing to do with what is indicated by the link. my suspicion is the posters get/or think they will get pennies for each click that gets to the said questionable web site.

  4. WKTB · 855 days ago

    Facebook at times appear to be doing little to stop that spam, to point at times it looked like they did not care.
    my facebook was disabled supposedly for sending spam they will not let me contest or correct what ever I supposedly did wrong the first of Dec. I never to best of my knowledge sent spam,I have shared stuff from Sophos, Facecrooks, Hoax-Slayer,etc trying to help keep extended family and friends safe.
    I have read and reread the facebook rules and see nothing there I did.
    A big thanks to Sophos and Mr Cluley for attempting to keep people safe on facebook

  5. Ratlady · 700 days ago

    The spammers are back in the help center (August 2012) - it started a week or two ago and now it's escalating. I've been reporting every single one but now there are beginning to be too many to report. If it's possible, please alert Facebook again like you did last November!!!!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.