'Claimed my free iPhone' spam swamps Facebook

Filed Under: Apple, Facebook, Social networks, Spam

Scammers continue to make a mockery of Facebook security, with social networking accounts being abused to spread messages about "free" iPhones.

Claimed my free iPhone

Claimed my free iPhone today, so happy lol... If anyone else wants one go here <LINK>

The messages have been appearing on the site for at least the last 12 hours, and are showing no signs of respite. And they're just the latest incarnation of an attack that we have seen successfully impacting the site since the weekend.

If you do click on the link you will be taken to a "make money fast" website.

Make money fast website

Sorry folks, there's no indication that you're going to get a free iPhone - but it sure was an effective way to make you click.

Interestingly, this latest batch of messages are say they were posted "via Email". That's the facility Facebook supplies to post status updates to your Facebook page remotely, just by sending an email to a unique address (every Facebook account has a specific email address for this purpose).

Upload email

Is it possible that the facility has been compromised, and scammers have found a way to update folks' statuses just by sending an email message directly to their walls? Or have the cybercriminals managed to get their paws on a database of upload email addresses through which they they can now relay their spam messages?

Learn to think before you click on links on Facebook, if something sounds too good to be true, it probably is. If you want to learn more about security threats on the social network and elsewhere on the internet, join the Sophos Facebook page.

, , , ,

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at https://grahamcluley.com, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley