A scam targeting women on Facebook is spreading very rapidly across the social network, pretending to offer free makeup.
If you see a message like the following being posted by one of your Facebook friends, do not click on the link.
anyone want some free makeup? ive just ordered mine for free and i thought i would post it here before the offer runs out. its stuff like mac, maybeline, estee lauder etc! The site is: [LINK]
Of course, many women on Facebook might be tempted by the offer of free makeup and (without thinking about the possible consequences) click on the link, especially as it appears to have been shared with them by one of their online friends.
If they do, they will find that they are taken through a sequence of pages which encourage them to give permission for a rogue application to access their Facebook profile.
Once the third-party application has been given permission to access your Facebook information and post messages to your wall, you have walked straight into the scammers' trap.
Without your knowledge, they are already posting messages on your Facebook wall spreading the advert for the “free makeup” virally to others on the social network. They are even sending specific messages to your Facebook friends, encouraging them to also take advantage of the free makeup offer.
Here’s what I saw when I deliberately permitted the application to access a test account I own on Facebook (which is only connected to other test accounts – I didn’t want to pass it on to any real Facebook users!):
As you can see one of my “friends”, Susan, has been deliberately targeted by the rogue application which posted a message to my account referring to her. If Susan were a real person she might well be tempted to click further for the free makeup offer.
So, why are the scammers doing this? Well, they want your real email address and phone number. They also want you to complete an online survey which will earn them some commission.
Scams like this need to be killed off, but Facebook seems to be having a bad time stopping them at its end. What’s needed is for more people to be skeptical about such offers, and always be suspicious whenever a third-party application asks for access to their profile without a legitimate need for it.
If you’ve been hit by a scam like this, remove references to it from your newsfeed, and revoke the right of rogue applications to access your profile via Account / Privacy Settings / Applications and Websites.
And don’t forget to warn your friends about scams like this and teach them not to trust every link that is placed in front of them. You can learn more about security threats by joining the thriving community on the Sophos Facebook page.
Hat-tip: Thanks to Naked Security reader Dave for bringing our attention to this scam. If you have something that you’d like us to investigate, email us at tip@sophos.com
This make-up scam is not only being perpetuated by the chance at "Free Make-up", but is also being touted as "click here to upgrade your Facebook profile page", just as Facebook IS rolling out the new look for your profile page, if you so desire it.
I've seen the same thing with the iPad.
Thanks 🙂
I got caught out, I couldn't believe it when I knew! I saw some friends I thought I trusted enough post it just to find they'd been caught out too. I didn't do it at first because I was skeptical but the more people do it the more I lost the skepticism.
I know how this method works and how facebook can't detect it… I've reported it to facebook but NO-ONE seems to listen.. I know the creators of this hole personally and they know even BIGGER exploits :/
I *think* this scam might die down if EVERYONE reports the app as spammy! And finally tell all your friends posting this msg that THE APP IS FAKE!!!!!
This App is more serious than you guys make it out to be… the ad was able to get my home phone line and prank ring me. Weird thing is I did not give my number on their form, nor is my number located on my Facebook page. They may have hacked into my computer or found some way to key log my credentials. This is very bad.
What did the phone call say? How did you associate it with the Facebook app?
I saw this application when it was flying around and I did some research into the offers.
The offers are harmless and want information from you in order to later spam you. The offers do not belong to the person that owns this app, they are on every CPA network going. They also do not install malware on your system.
Unless you handed over your number to them, there is no way they could call you. And I highly doubt multi-million-dollar advertisers have time to prank your phone.
The calls are most likely unrelated and it's just a coincidence that they happened at the time this app was viral on Facebook.
“… want you to complete an online survey which will earn them some commission.”
Please explain how this survey lark works. What is the value to the people paying for surveys completed?
There are plenty of legitimate companies who have surveys or offers that they want to present to a large number of people on the internet – but are finding it hard to attract an audience.
Other firms say, "We can help you with that!" and promise to use their network of affiliates to put the surveys in front of huge numbers of users. Of course, some of those affiliates might use some dodgy tactics – such as writing rogue Facebook applications.
So that's how it works.
I didn’t see the ad on Facebook, but I clicked on it when it popped up on my computer. I ordered some of the free makeup, they sent it, I liked it, but they didn’t say that it was a free 14-day trial offer and that I had to call them after 2 weeks and cancel it if I didn’t want to continue getting the product(s). After 2 months, I saw that they had been charging my credit card $272.70/month. Before I could get it corrected, they had put another $272.70 charge on my account! When I called them to cancel my “membership” they said that they would refund $90.00 to my credit card. Now I have cancelled my card!