Facebook

Discussion in 'Phishing' started by Templar, Jul 9, 2010.

  1. Templar

    Templar Super Moderator

    From PC Tools.

    Don't get Clickjacked by the latest FaceBook Virus.

    What is Clickjacking?

    The newest Facebook threat tricks users into "liking" a page within Facebook, then suggests that page to your friends. The liked page may contain malicious links to non-secure sites outside of Facebook. It also damages the security of your reputation by posting to your profile that you liked this page, when in reality you never did.
     
  2. Central Scrutinizer

    Central Scrutinizer Administrator Staff Member

    Facebook: "dislike" scam warning

    16 August 2010

    [​IMG]

    Facebook users are being targeted in a scam that offers them a chance to install a "dislike" button.

    The scam tricks users into allowing a rogue application to access their profile page, which then posts spam messages.

    It also attempts to lure people into completing an online survey, for which the scammers are paid money.

    The social network already offers a "like" button that allows people to rate other user's comments and posts.

    Graham Cluley of security firm Sophos said it was the latest in a series of "survey scams" that included links to a video purporting to show an anaconda vomiting up a hippo.

    "One thing we commonly see is that the message starts 'OMG, shocking video'," he said.

    "And they appear to come from your Facebook friend, giving it a ringing endorsement."

    Unknown apps
    The dislike button scam prompts people to download an application with the message: "Download the official DISLIKE button now."

    When users click on the link it prompts them to install a rogue application, which does not function as a dislike button.

    Once a user has given it permission to access their profile, it updates the user's page with a link and a message: "I just got the dislike button, so now I can dislike all of your dumb posts lol!!!"

    "We always encourage people to not click on links that appear suspicious - even if posted from a friendâ€￾ Facebook spokesperson

    "Many people are giving permission for completely unknown apps," Mr Cluley told BBC News.

    The surveys appear to be from genuine companies, he said.

    "As far as we can tell, they appear to be legitimate," he said. "It could be that the firms are not policing their affiliates properly."

    The scam finally points users towards a Firefox add-on that installs a "dislike" button.

    Mr Cluley said the add-on also appears to be legitimate.

    Ron Sharpp, CEO of FaceMod, the maker of the add-on, told BBC News that his company was "in no way affiliated with the online scams".

    He said the firm had been sent "several support e-mails" asking about the surveys.

    "In response, we've taken efforts to remind our users that those are not official posts and warning users not to download any version of our add-on from an alternate source," he said.

    In addition, the company has issued a warning via its Facebook page.

    A spokesperson for Facebook said it also regularly warns users about rogue applications.

    "We always encourage people to not click on links that appear suspicious - even if posted from a friend," a spokesperson said.

    The site has a "very quick process in place" to make sure that links and rogue applications were taken down quickly, they added.

    "They can report any posts to us. We can make sure that we take down any application or all of the links across Facebook."

    But Mr Cluley said that although Facebook could respond quickly, it should police the development of rogue applications more closely.

    "Anyone can write a Facebook app - these scams are constantly springing up," he said.

    http://www.bbc.co.uk/news/technology-10987725
     
  3. Sphinx

    Sphinx Administrator Staff Member

    Facebook says:
    More here: http://www.huffingtonpost.com/2011/...cid=maing-grid7|netscape|dl1|sec1_lnk2|112855
     
  4. Sapphire's Strike

    Sapphire's Strike Administrator Staff Member

    Received from: 134.63.2.21, USA, Oregon, Tektronix
    Return-Path: <8a1ztr3prriwfca3zt4pjhh@6d05929.huyhgstdrtdgc.com>
    Date: Fri, 24 Jun 2016
    Subject: FB Account Hacked
    From: "FB Support" <8a1ztr3prriwfca3zt4pjhh@6d05929.huyhgstdrtdgc.com>

    There is reason to believe your Focebook account has been hacked. A virus may have been placed on your computer. Please contact us ASAP to get the problem fixed and your computer cleaned so this does not happen again.

    The phone number is: 8889941103

    The above telephone number is also used here: http://antifraudintl.org/threads/device-activity.106017/
     
  5. Central Scrutinizer

    Central Scrutinizer Administrator Staff Member

    From: 94.76.201.103, [​IMG] UK, Simply Transit Ltd
    Return-Path: <cortin@grnmail.com>
    Subject: You have messages that will be deleted soon cogitates
    From: Notification+Facebook <cortin@grnmail.com>
    Date: Thu, 13 Jul 2017

    You haven't been to Facebook for a few days, and a lot happened while you were away. You have messages that will be deleted soon

    View messages http://hhyun.com/data/simultaneously.php

    Go to Facebook

    This message was sent to ......@yahoo.com. If you don't want to receive these emails from Facebook in the future, please unsubscribe.
     
  6. Dororo

    Dororo Administrator Staff Member

    Return-Path: <cruz@hudco.com>
    Received: from vms172105.mailsrvcs.net (vms172105pub.verizon.net [206.46.172.105])
    Date: Sun, 25 Jun 2017
    From: Dennis Turner Support <cruz@hudco.com>
    Message-id: <f479e2-de33483dace8@hudco.com>
    Subject: Somebody has been posted your photos.

    f Facebook You have notifications pending.
    A lot has happened since you last logged in. Here are some messages you've missed.

    Thank you for confirming receipt.
    <http://alohaworldmarketing.com/wp-content/plugins/laceration.php> 4 notifications

    More information <http://alohaworldmarketing.com/wp-content/plugins/laceration.php> View notifications <http://alohaworldmarketing.com/wp-content/plugins/laceration.php>

    This mail was sent to ........... Please unsubscribe <http://alohaworldmarketing.com/wp-content/plugins/laceration.php> if you don't want to receive these mail in the future. Facebook, Inc., Attention: Community Support, 1 Hacker Way, Menlo Park, CA 94025
     
  7. Godzilla

    Godzilla Super Moderator Staff Member

    Return-Path: <francis.young@innovex.com>
    Received: from www.sorgem.com ([31.193.128.230]) by vms172087.mailsrvcs.net
    Date: Fri, 23 Jun 2017
    Subject-Cummins-Impulses: 2a17974c7
    From: Bryan Parker Support <francis.young@innovex.com>
    Subject: You have private messages.

    f Facebook You have pending notifications.
    A lot has happened since you last logged in. Here are some notifications you've missed.
    Bryan Parker, Support

    Now you can manage your account. <http://www.pipiltincocoa.com/uploads/files/allots.php> 1 messages

    Get more information <http://www.pipiltincocoa.com/uploads/files/allots.php> View messages <http://www.pipiltincocoa.com/uploads/files/allots.php>
    This mail was sent to bieneman@verizon.net. Please unsubscribe <http://www.pipiltincocoa.com/uploads/files/allots.php> if you don't want to receive these mail in the future. Facebook, Inc., Attention: Community Support, 1 Hacker Way, Menlo Park, CA 94025
     
  8. Miyuki

    Miyuki Administratrix Staff Member

    Return-Path: <eagerbill@netexperts.co.uk>
    Date: Mon, 10 Jul 2017
    Message-ID: <83f5b.82e2846d.2d27@netexperts.co.uk>
    Subject: You have new messages
    From: Kristine Jackson Assistant manager <eagerbill@netexperts.co.uk>

    f Facebook You have new messages
    A lot has happened on Facebook since you last logged in. Here are some messages you've missed from your friends.
    Kristine Jackson, Assistant manager
    You now have all your data transferred.
    1 notifications http://ibmgroupbd.com/dfdfdfdfdsfsdfsdfsdfsdf/mellow.php

    Please unsubscribe http://ibmgroupbd.com/dfdfdfdfdsfsdfsdfsdfsdf/mellow.php> if you don't want to receive these mails in the future. Facebook, Inc., Attention:
    Community Support, 1 Hacker Way, Menlo Park, CA 94025
     

Share This Page