Sophos Cloud Optix
Spam messages are spreading across Facebook claiming to be from users who have calculated the total hours they spent on the social network during 2010.
Would you be tempted to find out how long you had spent on Facebook in the last year? Well, I would be cautious if I were you as you could find yourself assisting scammers who are using rogue applications to make themselves a quick buck.
Typical messages read:
I was logged into facebook for XXXX hours in 2010!
Check yours @ [LINK]
or
I spent a total of XXXX Hrs on Facebook in 2010 WOW. What are your hours like? I found out from [LINK] ...Enjoy!
If you click on the links you will be taken to a third-party application permissions dialog. As with legitimate Facebook applications, this app needs your permission to access information on your profile. Unfortunately this rogue application is not interested in calculating the real number of hours you spent on Facebook, all it cares about is spreading its message virally between users.
Because as soon as you click “Approve” the rogue app takes the opportunity to post a message on your Facebook page, like the ones above, designed to fool your friends into believing you’ve found out how many hours you spent on the website during 2010.
And so the scam spreads virally.
What is the point of the scam? To make money by tricking you into taking a survey.
The webpage you are taken to after approving the rogue application tricks you into believing that you can find out how many hours you were logged into Facebook once you have completed a survey as a “security check”.
In reality, the scammers earn commission for each survey completed. And you’ve just helped them spread the survey onto your friends as well.
If you have been hit by scams like this on Facebook, and are struggling to clean-up your profile, here’s a YouTube video I made which describes what steps you need to take:
(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)
Make sure that you keep informed about the latest scams spreading fast across Facebook and other internet attacks. Join the Sophos page on Facebook, where over 50,000 people regularly share information on threats and discuss the latest security news.
I really wish your site were more mobile (dumb phone) friendly. I often would like to share your articles to facebook, but your site uses some sort of pop up to do that I don’t see at other sites. My dumb phone isn’t capable here like it is elsewhere. Oh, good article…
Here's a thought, based on something the FTC did years ago (and I copied over at the former MMF Hall of Humiliation): create a "fake" "rogue survey scam" and post it. However, when the the user clicks on the "OK to spam this all over creation" link, redirect them to an educational page about not clicking on such things, and post a single line to their Wall:
I just learned about rogue apps circulating on Facebook, and you should, too: <link_to_educational_page>
~EdT.
Hello, thanks for this short tutorial. But I have a question about it. I already remove it the post from my wallsome weeks ago, also checked my applications and there was none, so I thought fine. But today it was there again and I don´t know how to stop it. May you have an advice for me. Thanks anyway!
Sounds like you may have fallen for another scam somehow. Remove it any rogue apps from your list of applications, as shown in the video.
Hello, thank you for your answer. Actually I already did everything shown in the video for a couple of times. But it still publishs to my wall and fan page. I´m also wondering because this scam-application has no name shown when it posts to my wall. And I think thats why it is not shown in my application list. Kind of ghost-application.
I have exactly the same problem; and apparently a lot of my friends have that problem too; and yes – the facebook settings might have changed, they look different now and maybe they have a new policy because the app name does not show anywhere.
That's exactly what happens with me as well, the app doesn't show up in the privacy settings list and there is no way to remove it… :/
Me too. In fact, I didn't even grant the app any permissions to begin with. I figured it was no good, but it was whatever. Please help!
i have the same problem. there is no application to delete. also to delete the pictures, that are posted in your albums, doesn't help.
i have the same problem; i clicked on the "how many hours you've spent on facebook' link – stupid me – this is posting pictures into an album; there is no application in my list, and i even cannot delete the album.
Same Here,
the app, which is not one… appears nowhere and publishes through the mobile uploads album.
i’ve tried to delete the album,
i’ve tried to change the privacy setting of the album from where it comes
i’ve tried to mark it as spam after i re-published it myself ( coz you don’t have the option to mark as spam in the first time, it comes from your own pictures ! pretty smart ),
I’ve tried to change my account password
NOTHING WORKS !!!!
We know we can get scamed, spamed or whatever, ok, but it becomes a real problem if facebook lets them do, cause now they sure know about it as i marked it as spam, and of course i sent them four messages, no answer at all. Also this topic shows we are quite a few in that situation, and i suppose everyone send them messages, so yeah, they definately know about it, and their reaction is absolutely unacceptable.
just thinking about closing my account.
Same here.. and the problem is, after searching the web for like 3 hours i realised that no one seems to have a slightest idea how to remove that shit :/ everyone just posts that same article about the problem without a solution.
The contents of that video do not match the info in the latest privacy settings. This is 2011!
Help, I have the same problem. Like an idiot, I copied a code into my browser while on facebook. And now, it keeps posting to my wall and to my admin pages. HELP ME PLEASE
Go here : http://www.facebook.com/mobile/
In the middle “Upload via email” => Click on “Find out more”
At the end, click on “refresh your upload email”
Then “Reset”
It is not an application, the app stealth your email mobile adress, and they can send an email that appear directly to your profil
Have a nice day !