Following the “11.6 hours” scam which flourished on Twitter yesterday, you would hope that everyone would be wise to the threat of allowing unknown apps unfettered rights to post to your social networking account.
However, I wouldn’t be surprised if we see more and more scams which attempt to increase their chances of success by targeting both Facebook and Twitter users at the same time.
For example, here’s a scam which is spreading virally on Facebook right now.
Cool,man I cannot believe that you can see who is viewing your profile. ! I just saw my top 10 profile stalkers and I am SHOCKED that my Ex is still viewing my profile :O ! You can see WHO VIEWED YOUR PROFILE here--[LINK]
If you click on the link you’ll ultimately share the link from your own account and be required to take a revenue-generating survey scam. We’ve discussed these sorts of scams many times before, of course, and provided details of how to clean-up your Facebook profile afterwards.
Meanwhile, earlier today, a very similarly phrased scam was spreading on Twitter with the same intention of making money for the bad guys.
I just viewed my TOP 10 Profile STALKERS - [LINK]
The good news is that the links being used by this scam on Twitter appear to have now been blocked by bit.ly (although they may, of course, spring up again under a different guise). If you did manage to reach the destination that the scammers wanted, however, you would have been urged to connect a third-party application with your Twitter account.
Giving permission to such an app is just what the scammers want, and the app doesn’t waste any time exploiting the opportunity to post to your Twitter account – spreading its link even wider.
Meanwhile, the promise of discovering who are your top 10 profile stalkers on Twitter might be enough to tempt you into taking a survey which earns money for the scammers.
Needless to say, you never do find out who has really viewed your Facebook page or Twitter profile – but you have helped put some cash in the pocket of the scammers.
Don’t encourage them to distribute scams like this, and always exercise caution about which third party apps you allow to connect with your social networking accounts.
If you’re on Twitter and want to learn more about threats, be sure to follow Naked Security’s team of writers. Meanwhile, Facebook users would be wise to join the Sophos Facebook page, where we give early warning about new threats.Follow @gcluley