The fact that most organizations have fewer staff around on weekends is not lost on Facebook scammers.
The number of successful Facebook attacks SophosLabs sees on weekends and holidays is far higher than on weekdays, and this weekend is no exception.
Italian Facebook users have been seeing a message on their friends’ walls stating, “Scontri a Piazza del Popolo video amatoriale che riprende un ragazzo mentre tira dei San Pietrini al...” The link suggests you can view a video of clashes in the Piazza del Popolo.
If you click on the link, the standard scam continues, presenting what looks like a YouTube-style video player. When you click the video you are actually “Liking” the page. You then get a prompt asking you to share the link again on your profile to view the video.
If you choose not to share it, you are gracefully redirected to a survey scam that signs you up for a paid SMS subscription on your mobile phone.
Close on the heels of this attack, we were alerted to the return of the “Confirm your account” scam. According to the attackers, Facebook is over capacity and you must confirm your activity so your account won’t be deleted.
If you approve the bogus application, it posts the following to your wall: “This is the last day you can confirm your account. Tomorrow your account will be permanently deleted.”
The unique thing about this scam is that it anticipates that you may have disabled JavaScript in your browser, or are using the NoScript plugin for Firefox. It provides instructions on how to re-enable JavaScript as well as how to permit the scripts to run using NoScript.
Facebook can only do so much to prevent scams from attacking their service. Users must be smart and learn how to sniff out a scam and avoid it. With over 500 million users, though, Facebook will continue to be a major target for scam purveyors seeking victims.
If you’re a Facebook user, consider following us on Facebook to stay on top of the latest attacks. For our advice on the current best practices for securing your privacy on Facebook, read our Facebook best practices.
So when you see the "FB is over capacity" what's the best mode of attack for us? Ignore? Log out? Don't log out? Change password?
Just ignore the message.
Gotchya – that's what I thought. But figured I'd ask.
If you are going to use a term such as "like-jacking" at least put in the hyphen so that it makes a modicum of sense when first reading it. The hyphen lets people know that you have stuck two words together to make a new word and that you didn't just forget to put in a space.
Ok, now that I'm done with my grammar-bitching, I think it is sad that people have to constantly attack people like this. I understand that it is easy to be a victim of this kind of attack as many of my friends have been but at the same time I just can't believe that people are so ignorant. I suppose I will feel this way until someone manages to trick me with one of these scams.
The "confirm your account" stuff is the most hard to believe that people still fall for. After all of this time you would think that people would know better.
Would you believe there are actually people who have tried to make a living out of completing scam surveys?
They used to execute people in that square. Interesting significance for Rome too when you factor in the video aspect. Are Italian Facebook scammers romantic historians? 😛
My question is: when you click on a video and it doesn't ask for any further info or give you any popups or anything, but then the video shows up on your Facebook wall saying you "like" it (when you didn't click like – I guess that is called Clickjacking) – what is the scammer actually getting out of it? Aside from a bunch of "likes" for a bogus page.