Finally got that iPad? Facebook users hit by 'via mobile web' spam

Filed Under: Apple, Facebook, Mobile, Social networks, Spam

We're seeing a growing number of Facebook accounts that appear to have been compromised by spammers, with messages posted claiming that the user has received a free Apple iPad.

Finally got my iPad scam on Facebook

Messages include:

Finally got my iPad from that site!
5 days ago I signed up at [LINK] as a tester and today I got my iPad. All you need to do is to tell them your opinion about iPad and you can keep it forever. You should hurry since i highly doubt this is gonna last forever.


I finally got that ipad I ordered at [LINK] as a product reviewer and today received it in my mailbox. All you need to do is tell the site your opinion about ipad and then u can keep it forever. You should be quick because I doubt this will last forever.

As the world is widely anticipating that Apple will announce the iPad 2 in San Francisco today, it's likely that there are plenty of people who would be interested in testing the popular tablet computer - especially if there is the possibility of receiving a free one!

Clicking on the links, however, is unlikely to bring you to a genuine webpage offering you a free iPad. Instead, when I tried the links, I was taken to a site asking me to hand over my credentials to an affiliate rewards program, giving me the "opportunity" to earn extra cash by taking surveys.

In other words, these messages are spam - and were not posted knowingly by the owners of the affected Facebook accounts.

What's interesting about the messages is that many of them appear to have been posted via the mobile version of Facebook's website (marked as "via mobile web"), that is most often used when people access the site via their cellphones.

It isn't clear to me whether these accounts have fallen victim to phishing attacks, or if a specific weakness is being exploited in Facebook's mobile interface, but it would seem to me to be sensible for affected users to scan their computers for security problems and change their Facebook passwords.

In addition, make sure that your privacy settings are properly secured by checking out our best practices for better privacy and security on Facebook guide.

Make sure that you keep informed about the latest scams spreading fast across Facebook, and other internet attacks. Join the Sophos page on Facebook, where over 100,000 people regularly share information on threats and discuss the latest security news.

, , , ,

You might like

3 Responses to Finally got that iPad? Facebook users hit by 'via mobile web' spam

  1. osurulz · 1647 days ago

    Here is a good tip. NOTHING IS FREE!

  2. kmenzel · 1647 days ago

    There was an application calling itself "mobile web" or something similar that I saw posting comments on my friend's walls a few weeks back - it looked like it was created to deliberately make it seem that things were being posted from phones - is it possible that this has surfaced again?

  3. Monica · 1630 days ago

    I got this message you mention and this other one: "for the past few weeks I have been trying this new weight-loss product I saw on CNN. you should check this out too I have lost a bunch of weight. 29.2 lbs to be exact." as being posted from my mobile internet but I don't have iphone and never posted such messages on my wall!!! what can I do?

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley