Sophos Cloud Optix
We see many scams spreading across Facebook every day, but some of them really make us lose our faith in society.. and Facebook itself.
Here’s the latest scam that is spreading rapidly across the network.
ÖMG: BRÔTHËR rãpés hís sïstér -
[LINK]
Wâtch thîs shóckîng VÍDÊÕ! Shé wäs hurtïng fór dâys, ånd côuld nòt wãlk!
The most likely way that this scam is spreading is by users choosing to click on the link. Presumably they want to see a video of a man raping his own sister. (There are other ways that the message could be spreading – malware, secret clickjacking, etc – but knowingly clicking seems the most obvious).
That’s a pretty sick and sorry statement on society.
Users who do click on the links are tricked into sharing it further..
.. and then complete an online survey that earn the scammers commission.
So, my faith in Facebook users is shaken a fair amount by scams like this.
But also, Facebook has to answer some important questions too.
Like, why can’t they stop scams like this more quickly?
Is it really beyond their ken to quarantine suspicious-looking status updates when they rapidly replicate across the network? Especially when the messages are using an ages-old spammers’ trick of using extended character sets (“Shóckîng VÌDÉÖ” instead of “Shocking VIDEO”) to try to bypass filters – which should itself ring loud alarm bells that something fishy is going on.
If Facebook is going to be a safer, family-friendlier place for people to be then it needs to tackle highly offensive scams like this much more effectively. Currently it is falling far short of what most decent people would want to see in their newsfeed.
Of course, if you have fallen for the scam, it’s a good idea to remove all references to it from your Facebook page and warn your friends not to participate in it.
And if you see any of your friends with such messages on their wall, report them as spam.
If you use Facebook and want to get an early warning about the latest attacks, you should join the Sophos Facebook page where we have a thriving community of over 100,000 people.
If you have an opinion on Facebook’s response to scams on their social network, why not leave a comment below?
We should never forget that we aren't Facebook's customers. we are their product. Their customers are advertisers and app marketers like Zygna.
That's not entirely true, because facebook still makes money off of us. They get a percentage off of facebook credits, which some people use. And, without us, they're "customers" liky Zynga wouldn't pay them because they'd be serving ads to no one, so that's not entirely true. And if facebook wants to keep it's users happy so they stay with it, then they need to shape up. Because if they don't, a competitor can and eventually will take over. And Google+ isn't looking like a bad alternative.
These scams have nothing to do with making advertisers and developers happy. In fact, offending your product enough that it might leave should hurt their bottom line. Especially now that there's a new game in town.
Either they don't have the means to stop it, or they're so arrogant and unethical they think people will stay no matter what. And perhaps, on that latter point, they're right.
"Incest scams are the new social norm. We're just giving people what they want. After all, look how many of you click on them. . ."
After all, as much disdain as you have for them, it sounds like you're still there. . .
That's all cool to be warned about spam and I do appreciate it, but what about the stuff that's not spam. Isn't there a way for facebook to block the purposely posted porn? I've already had to post a warning that I don't care who I make mad, but I would be reporting them for porn. I have already reported a few, but I don't see facebook doing anything about it. I am offended by facebook's lack of response as I am the porn. This is a serious problem and if I had young children there is no way I would allow them on facebook!
Seriously, who are you friends with?
I've never had porn turn up in my feed; reflection of who I let be my facebook 'friends' prehaps? If there are people posting porn, give them the ultimum and then block them.
The moral bar set by the hacker was set FAR below the origin, wasn't it?
I agree with your overall opinion, BUT, what keeps me scratching my head is how and WHY anyone would want to even see what is purported to be in the content. This proves to be a 2 faceted issue: the first being the scam, the second is how making a socially engineered link even more ghastly attracts even more fools to want to see it. Makes me question humanity.
John, I liked that comment so much, it's my new status 🙂
If you think it is so easy to stop why don't you get a job? 😛
Somebody missed the memo.
Graham has a job.
Working for a company that. . . wait for it. . . sells products that identify and quarantine spam and malware.
Well maybe he could get a better job at Facebook since he keeps dissing their security team. They have done a lot of stuff like ban certain apps permissions and making a confirm button on likes. You can only do so much, Graham has no idea.
In all the scams I have seen, I have *never* seen Facebook ask for confirmation after clicking "Like".. I know they introduced the facility, but I have yet to see it in action.
So I humbly suggest that it doesn't work that effectively.
Oh, you mean like this, in which Facebook wasn’t even scrutinizing its ten most popular apps for compliance with privacy policies?
http://nakedsecurity.sophos.com/2010/10/17/facebo…
Seriously, how long does it take to check 10 applications, even if you do it by hand?
You can only do so much, but it seems Facebook does practically nothing.
If you take on the project of creating a site with so many features and with, now, 750 million users, don’t you have a responsibility to do better, or, failing that, pull the plug on the features that are causing chaos?
You must believe it’s possible to do better than Facebook currently is, or you wouldn’t have said of Google+, “Circles will stop the spam.”
obviously you're not a developer, if you were you would have known there are always possibility's to combat spam.
Why doesn't FB stop these things? Because it's spending too much time implementing features that the majority of users do not like or want….
Being that FB is programmed by a 'younger' group, could it be that they are sacrificing security for the 'magpie-effect', i.e. newer, shinier features?
Can't wait for all the spam to be transferred over to Google +, leaving the fb people alone :p
It won't, circles will stop the spam.
Here’s one of a long string of indicators that Google won’t be quite so neglectful of/incompetent around social safety as Facebook:
http://techcrunch.com/2011/07/19/google-detecting…
They have the data, the know-how, and apparently the desire to provide a much safer user experience.
Maybe Google+ will be more strict and faster when it comes to spam like this, who knows.
What is really baffling is who is paying commission for all these surveys? They are not going to collect any truthful information from somebody who is just trying to get to see porn.
Facebook doesn't stop this stuff because they don't WANT to stop it. They want to keep their site traffic as high as possible for as long as possible until they're ready to do an IPO or sell the company outright. Then they'll cash out and leave the mess to whomever is dumb enough to buy into it.
No wonder it ranks #10 on the 19 most hated companies in America!