Want to see who has viewed your Facebook profile? Take care..
July 26, 2010 by admin
Filed under Security News
I’m increasingly being asked by folks on Facebook if it’s possible to tell who has been viewing their Facebook profile. A number have been attracted to webpages and Facebook applications that claim to be able to give you a secret insight into who is spying on your profile.
Well, if you’re one of those people who are curious about who might be watching you online, take care.
Right now we’re seeing a significant number of Facebook users posting messages such as:
OMG OMG OMG... I can't believe this actually works! Now you really can see who views your profile!!! WOAH
and
See who views your Facebook profile in real-time!!!
However, like the “Justin Bieber cell phone number” scam and the “This mother went to jail for taking this pic of her son!” scam, the links pointed to in your friends’ status updates are not to be trusted.
If you make the mistake of clicking on the link to one of these pages offering to tell you who is viewing your Facebook profile, you will find that the people behind the “services” want you to do a few things first.
For instance, they’ll ask you to “Like” their pages (which means you are spreading the link to friends in your social network), and they will ask you to advertise their site by posting an “OMG” message (with a link) to at least five different places on Facebook.
After all that hard work you would hope that they would give you access to the powerful Profile Spy app wouldn’t you? But I’m afraid your luck is out.
They’ll next ask you to hand over your personal information by taking numerous surveys – before ultimately trying to trick you into handing over your cellphone number which they’ll sign up to an expensive premium rate service.
Remember, this scam doesn’t work as the result of clickjacking, or a vulnerability on Facebook. The scammers are achieving their ends because of human gullibility – pure and simple. If people considered what they were doing and thought twice about the possible consequences then we would see nothing like as many of these attacks occurring, and our news feeds on Facebook would see less spam.
Horrific photo forced photographer to kill himself? Don’t be too quick to click
June 6, 2010 by admin
Filed under Security News
After a week full of clickjacking attacks, we’re seeing other dodgy links being spread widely between Facebook users who should perhaps know better.
One that I have seen crop up a lot, is appearing in the status updates of Facebook users with phrases like:
This horrific photo forced photographer to kill himself! http://tinyurl.com/VerySadPhoto
and
This horrific photo forced photographer to kill himself! http://tinyurl.com/HorriblePic
Clicking on links like these can take you to Facebook pages which names such as “Man Commits Suicide 3 Days After Taking This Photo”.
These Facebook pages force you to first “Like” them and then republish the link on your own Facebook page (advertising it to your online friends) before you eventually get to see the photograph.
Just ask yourself this – do you really want to recommend a page to your friends, before you know what lies behind it? For all you know, you could be passing on a link which will ultimately take your online pals to a phishing page or malware.
As it happens, the pages are lying in any case.
The photograph – of an emaciated young girl in Sudan – was taken in March 1993 by prize-winning South African photo-journalist Kevin Carter. Carter did kill himself – but it was over a year later in South Africa, not three days after the photo was taken as claimed by the Facebook links.
You can probably imagine, however, that people would easily agree to publish the link to all their friends – in their morbid interest to see the photo – and thus help it spread quickly.
In fact, it’s no surprise that links like these are spreading so quickly and virally across Facebook, when popular pages such as “I like your makeup…LOL JK, it looks like you got gangbanged by Crayola” (currently 1.7 million fans and counting) have republished it to all of their followers.
Try not to laugh xD: Worm spreads via Facebook status messages
May 21, 2010 by admin
Filed under Security News
A clickjacking worm spread quickly across Facebook earlier today, tricking users into posting it to their status updates.
The worm, which some have dubbed Fbhole because of the domain it points to, posts a message like the following:
try not to laugh xD http://www.fbhole.com/omg/allow.php?s=a&r=<random number>
Clicking on the link would display a fake error message that would trick you – through a clickjacking exploit – to invisibly push a button that would publish the same message to your own Facebook status update. We’ve seen clickjacking exploited by hackers before in attacks on social networks, for instance in the “Don’t click” attack seen on Twitter in early 2009.
READ MORE…. and see the video
