HCG diet spam attack hits Facebook users, spreads rapidly

Filed Under: Facebook, Social networks, Spam

Many Facebook users are finding that their friends are announcing online that they have lost weight, and are directing others to follow the HCG diet.

Here's a typical message:

I've lost 10 pounds in just one week all thanks to HCG!

I've lost 10 pounds in just one week all thanks to HCG! Check it out [LINK]

followed by a comment, seemingly from the same user, saying:

Never thought losing weight could be so easy!!!

Other versions can use different language, such as:

I've lost over a stone in just 2 weeks all thanks to HCG! Check it out [LINK]

If you follow the link, you are typically taken (via a blogspot url) to a website touting a miracle diet.

Waistline. Credit: ShutterstockOf course, it would be something of a coincidence if so many thousands of Facebook users had all lost 10 pounds at the same time, and all decided to tell their Facebook friends using precisely the same wording, wouldn't it?

If you see a Facebook friend has posted a message like the one above, tell them that scammers have taken advantage of their account to spew out diet spam, and advise them to be a lot more careful in future.

The good news is that if you're using Sophos products then we can intercept the dodgy webpage, and prevent you from putting even more money into the pockets of the scammers.

Scam webpage intercepted by Sophos

Got a friend who has sent out the diet spam message? If they find any suspicious posts on their newsfeed, or unexpected apps or pages that they have liked, then they should obviously remove them.

Affected users should also run an up-to-date anti-virus program on their computers and scan for a possible malware infection. If there is malware present, it may have also grabbed your online passwords - make sure that you haven't left a backdoor open to your website accounts and change your passwords.

If you use Facebook and want to get an early warning about the latest attacks, you should join the Sophos Facebook page where we have a thriving community of over 160,000 people.

Image credit: Shutterstock.

, , , ,

You might like

18 Responses to HCG diet spam attack hits Facebook users, spreads rapidly

  1. Jan Matthews · 1346 days ago

    My pencil-thin, bordering on anorexic, friend had this posted on her wall. Imagine our (her friends') concern. Glad it was a scam and she has now removed it.

  2. Emily · 1346 days ago

    I have seen these status comments for the last couple of days and guessed that it was something dodgy. Could you please tell me HOW it happens as my friends who have had it on their statuses say they haven't clicked on anything beforehand. Do they need to change their passwords? Thank you.

  3. 7geez · 1346 days ago

    You don't tell the end user what "be a lot more careful" means. What can they do to prevent the posts appearing on their pages?

  4. Tina · 1346 days ago

    My husband has had this on his account over the last few days. We are not quite sure what he has to do to get rid of it for good.

  5. Spillage · 1346 days ago

    They didn't tell you, because they expect you to use their product! They're as bad! I don't think there's a virus risk. I think it's just a malicious program that spams your profile status update.

    • Yes, it's possible that a malicious program on users' computers is posting the messages as status updates on Facebook.

      We're still trying to investigate what - if any - malware might be doing that.

      That's why we recommend that users run up-to-date anti-virus software.

  6. Psy-Ko · 1346 days ago

    It's not a virus, it's just a rouge app. and the only site it affects is FB your computer is safe as are your passwords. Maybe people clicked on it, maybe not. A lot of people don't want to admit they did and thats cool. Or it's possible it was installed when installing a different app, it could be attached to it. If it's posting messages to your account first thing of course is to delete the messages but it's not over then. You need to go in to your 'games and apps' settings on FB and delete any app you don't recognize or don't remember installing. If you don't see anything right away then I'd just delete any app added in the last week before it started. This is going to be hard for some people because they have so many apps installed but it's the only way to stop it.

    Also check your 'pages' and 'groups' rouge apps sometimes add you to these without your permission. Doesn't do much except clog your newsfeed with posts from them so may as well delete them too.

    • Greg · 1346 days ago

      I think you are right. My wife had postings inside her facebook account yesterday, but then we managed to remove the said postings when we have discovered that a "rouge app" or other type of application worm was inside her facebook profile. We have removed the from the application settings of her facebook profile by clicking the "X" on the right part of the said "rouge app". After this, the application worm didn't manage to make any further postings to my wife's profile page. Actually it disappeared completely.

      On the other hand, you didn't write about the product itself. Graham, is it any good?

      The website of this HCG firm looks pretty promising. I have told my wife to re-read the fine print and everything before she orders (you never know these days on the internets).

      • 4caster · 1345 days ago

        What is a "rouge app"? A French make-up to redden our faces?

    • Emily · 1346 days ago

      Thank you Psy-Ko - really helpful reply - will post on my facebook for friends who have been affected

  7. Robert Gracie · 1346 days ago

    Its the Acai berry stuff all over again, when will the scammers learn they are not welcome on the web with stuff like this...its beyond a joke and its getting tiresome and I mean REALLY TIRESOME!

  8. skinnyminnydrops · 1345 days ago

    I actually promote this hcg diet plan myself but I don't spam anyone. They somehow find me and join my fanpage. I'm not interested in spamming anyone, nor do I want it done to me. Sick of the whole thing, what ticks me off even more is cell phone spam texts!

  9. Unfortunately there are lots of spammers taking advantage of facebook and twitter in this way, this one works particularly well this time if year because we all want to beat the bulge after Xmas over indulgence.

  10. Cazzer · 1317 days ago

    I just caught my niece purchasing this hcg diet stuff !!! and she has used my details !!!! Help !!! What do i do ? and what effects is this going to have ???

  11. Yeah, I saw that too on my my Facebook. Well, it is sad that people use strategies like that to make money. There are ton of other legit methods and marketing techniques that can be used. I, personally, also promote this product, but in never crossed my mind to do it this way. It is just wrong and unethical. I hope they got caught.

  12. Aritra · 1196 days ago

    i received a mail like HCG spam in my yahoo mail box and open in my iphone 4s. Would it affect Can i still operate like earlier like banking, shopping. Thanks in advance.

  13. JeffS · 1143 days ago

    It just hit my facebook account, and the only app I added was the Zynga app. I suspect this is the culprit.

  14. They still do up til Now.. It's a bit annoying.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at https://grahamcluley.com, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley