Do you remember when hardly a week went by without cybercriminals infecting computers with the promise of glimpses of glamorous pin-ups like Halle Berry, Anna Kournikova, Julia Roberts, Jennifer Lopez or Britney Spears?
Those days aren’t entirely behind us (lets not forget the danger of hunting for sex tapes of Gossip Girl actress Leighton Meester, naked photos of Paramore’s lead singer Hayley Williams, and peephole videos of TV sports presenter Erin Andrews) but the one thing they invariably relied upon was a human weakness, or perhaps I should say male weakness.
Invariably the “sexy” attacks and scams used nubile young actresses, either caught in compromising positions or posing seductively to boost their careers. And it would – for understandable reasons – mostly be men who would find it hard to resist opening the attachment or clicking on the link.
But just as grown men can find that they’re suffering from a case of “twitchy mouse finger” (a medical condition which means you have to click on a link even though every sensible neuron in your brain is telling you that it might be risky) so young women find themselves in a state of permanent squee over teen pop sensation Justin Bieber.
And, aside from Justin Bieber, what else are young girls addicted to? Facebook.
So it’s no surprise at all to see the scammers exploiting Facebook with claims that they can give you Justin Bieber’s cell phone number if you just share their link with all of your friends.
If you’re a fan of the pint-sized prince of pop and find yourself clicking on the “Like” button as the page suggests you’ll be taken to a dialog which shares the link to your online friends using the phrase
OMG!! Justin Biebers Ex GIRLFRIEND just RELEASED his new CELL PHONE NUMBER!!
Remember, at this point no-one has given you Bieber’s cell phone number (real or otherwise), but in your desperation to contact the miniature music munchkin you’ve still shared the link with all of your Facebook friends (who, chances are, will also be obssessed with Justin Bieber).
And I’m afraid that you never will get Justin Bieber’s real phone number. The page has been created to redirect your browser to surveys that ask you umpteen questions (gathering your personal information for the companies behind the survey, and earning the scammers some affiliate cash). In some cases the scammers ask you for your cell phone number, and then sign you up for a premium rate service.
If you did make the mistake of passing the link onto your friends, you should clean-up your newsfeed and profile to remove references to the link.
The scam works in a very similar way to the “OMG!! Guys, you have to see this: This mother went to jail for taking this pic of her son!” scam I described yesterday.
Here’s a YouTube video I made showing how it works, and how to clean-up your Facebook account if you made the mistake of falling into the trap.
(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)
Sophos has informed Facebook’s security team of the page, and bit.ly about the shortened url that is being used in the scam. Hopefully both will be shut down soon.
Be careful out there folks, and if you have Facebook friends who you believe are acting unsafely online invite them to join the Sophos page on Facebook.