Daughter meets father on Chat Roulette Facebook scam - explained in diagram form

Filed Under: Facebook, Rogue applications, Social networks, Spam

With the help of my trusty pink crayon, I'm going to explain how the "OMG! Looks What Happens When DAUGHTER and FATHER Meet on CHAT ROULETTE!!" scam works.

First, you see a message looking something like the following on Facebook, posted by one of your friends:

OMG! Looks What Happens When DAUGHTER and FATHER Meet on CHAT ROULETTE!!

OMG! Looks What Happens When DAUGHTER and FATHER Meet on CHAT ROULETTE!!
OMG How Embarrassing For Father And Daughter
This Is Disgusting i Bet you Did Not Expect This!
You will not believe this! This Is Just Sick

Tempted to click? Well, if you are a regular reader of the Naked Security blog you should know the score by now. But just in case you don't, here it is illustrated with handy arrows..

Diagram of Father Daughter Chat Roulette Facebook scam

You are tricked into giving permission for a rogue third party application to access your profile. That means they can post messages to your wall, peruse your personal information and so forth.

They might show you an image of an alleged father and daughter meeting on Chat Roulette, but chances are they'll also try to make you complete a revenue-generating survey via CPALead too. Oh, and in the meantime, your Facebook profile has now blasted out the spam message to all of your online friends as well - thus spreading the scam virally.

And so the scam has gone full circle.

If only you hadn't clicked on the link, eh?

If you've been hit by a scam like this, remove references to it from your newsfeed, and revoke the right of rogue applications to access your profile via Account/ Privacy Settings/ Applications and Websites.

Application settings

Here's a YouTube video where I show you how to clean-up your Facebook account:

(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)

If you're a member of Facebook and want to learn more about security threats you should join the thriving community on the Sophos Facebook page.

Do you think Facebook is doing enough to stamp out survey scams like this, or is it the fault of the Facebook users themselves? Let us know what you think by leaving a comment below.

, , , ,

You might like

11 Responses to Daughter meets father on Chat Roulette Facebook scam - explained in diagram form

  1. Let the "clicker" beware.

  2. JJacobs · 1745 days ago

    Thank You SO much for reporting this things, I always share your posts, as I see friends clicking on these things ALL the time ! I'm almost at the point of doing away with face book due to these things. Thank you Graham !

  3. Due to the vast majority of users on Facebook being of the very novice group, I think Facebook should start taking more proactive measures to prevent scams from being so easy to create, replicate and be published on the site such as those taken by Apple that you described in an earlier blog.

  4. rog · 1744 days ago

    It's totally ridiculous that facebook "apps" get unlimited access to your profile. When I add a new app to my mobile phone, I get to see exactly what privileges it requires - facebook should implement something similar.

  5. Facebook User · 1744 days ago

    I wish all facebook users would take note, but sadly most won't..
    Well, at least you present this stuff professionally, unlike some of theamateurs on here.

  6. susan · 1744 days ago

    Thanks for all these explanations! I think facebook needs to do more. The average facebook user is pretty non-tech-savvy. I have friends who need help understanding the difference between facebook messages and wall postings and have no idea how to tell who can see their info, photos, etc.

    I linked one of your earlier warnings on my wall. A few people said they'd clicked these things, but "nothing bad seemed to happen." I don't think they get that the apps are still there, poking around in their stuff. I'm visiting my in-laws on Thanksgiving and am going to help father-in-law get rid of all the bogus apps I know he's acquired!

    Facebook should approve aps, like iTunes. If not, they should have two levels of aps (approved and non-approved) and have a big easy-to-understand DANGER warning if people choose to install unapproved aps.

    My two cents!

  7. mynameistoolong · 1741 days ago

    Can I just ask, how is it a "scam". User does a survey, we get paid, they unlock content. Who's being scammed? O_o

    • Innocent people are being tricked into helping the perpetrators spam out a message via their friends to their online friends and contacts.

      The users don't realise this is going to happen, and the scammers benefit financially.

      That's a scam.

  8. Poulsy · 1739 days ago

    Thats not really the worst scam you can see. But its true we see more and more of those on Facebook.

    I think using chatroulette for a scam is a good idea, since it tickles everyone's curiosity :)

  9. i think facebook could try a little harder and it is also the fault of the facebook users themselves. honestly i think people really need to stop being so f-ing stupid and actually read what the app wants to do. i will click on an app that looks legit but then i see that it wants to access my information even when im not using the application. i seen another application that said something about my phonebook! (yes facebook has a phonebook of friends numbers just go to account, edit friends, phonebook) i think facebook should screen the apps that people are creating before they go "public" for lack of a better word and have another team checking out all of the other apps that are already out there it will take some time but it will help the problem and i also think people should educate themselves to save their personal information and their friends' information

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at https://grahamcluley.com, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley