Beware Top 10 Profile stalkers on Facebook and Twitter
by Graham Cluley on March 3, 2011 | Comments (12)
FILED UNDER: Social networks, Spam
Following the "11.6 hours" scam which flourished on Twitter yesterday, you would hope that everyone would be wise to the threat of allowing unknown apps unfettered rights to post to your social networking account.
However, I wouldn't be surprised if we see more and more scams which attempt to increase their chances of success by targeting both Facebook and Twitter users at the same time.
For example, here's a scam which is spreading virally on Facebook right now.
Cool,man I cannot believe that you can see who is viewing your profile. ! I just saw my top 10 profile stalkers and I am SHOCKED that my Ex is still viewing my profile :O ! You can see WHO VIEWED YOUR PROFILE here--[LINK]
If you click on the link you'll ultimately share the link from your own account and be required to take a revenue-generating survey scam. We've discussed these sorts of scams many times before, of course, and provided details of how to clean up your Facebook profile afterwards.
Meanwhile, earlier today, a very similarly phrased scam was spreading on Twitter with the same intention of making money for the bad guys.
I just viewed my TOP 10 Profile STALKERS - [LINK]
The good news is that the links being used by this scam on Twitter appear to have now been blocked by bit.ly (although they may, of course, spring up again under a different guise). If you did manage to reach the destination that the scammers wanted, however, you would have been urged to connect a third-party application with your Twitter account.
Giving permission to such an app is just what the scammers want, and the app doesn't waste any time exploiting the opportunity to post to your Twitter account - spreading its link even wider.
Meanwhile, the promise of discovering who are your top 10 profile stalkers on Twitter might be enough to tempt you into taking a survey which earns money for the scammers.
Needless to say, you never do find out who has really viewed your Facebook page or Twitter profile - but you have helped put some cash in the pocket of the scammers.
Don't encourage them to distribute scams like this, and always exercise caution about which third party apps you allow to connect with your social networking accounts.
If you're on Twitter and want to learn more about threats, be sure to follow Naked Security's team of writers. Meanwhile, Facebook users would be wise to join the Sophos Facebook page, where we give early warning about new threats.
Tags: Facebook, rogue application, Scam, Spam, Survey Scam, Twitter
About the author
Graham Cluley is senior technology consultant at Sophos. In both 2009 and 2010, the readers of Computer Weekly voted him security blogger of the year and he pipped Stephen Fry to the title of "Twitter user of the year" too. Which is very cool. His awards cabinet bulging, he was voted "Best Security Blogger" by the readers of SC Magazine in 2011. You can contact Graham at gc@sophos.com, or for daily updates follow him on Twitter at @gcluley.
Related Posts
Thousands of Twitter users hit by classic Facebook scam
Photo tagged as a Facebook bunnygirl? Beware viral scam
Openmouthed? Facebook users gawp at new incarnation of survey scam
Twitter users are not smarter than Facebook users - Profile views scam spreading fast
Comments (12)
Armaan · 10 weeks ago
you people are just great. Keep it up, guys.
Ross · 10 weeks ago
Why doesn't Facebook detect and block these scams immediately? Are they getting a piece of the ill-gotten proceeds?
Tyler · 10 weeks ago
If you guys ever take notice at who is serving these ads... 99% of these survey spammers are from CPALead.com. It's surprising no one has looked into that - why is that affiliate program not making an effort to reduce this behavior? Seems like they are encouraging it instead.
Graham Cluley · 10 weeks ago
You may find this of interest:
http://nakedsecurity.sophos.com/2010/10/22/facebook-sue...
Tyler · 10 weeks ago
Graham,
If you take note of the case - it is fully resolved and the defendant only paid an $85,00 fine. That's nothing.
Is this just? I don't think so. Just saying.
@WeboGerbil · 10 weeks ago
Yeah, I tried, but blocked it when I saw that it wanted me to do a survey...
Scott · 10 weeks ago
All these scammers come from CPALead - you can buy the scripts which do this for about $30, and they're regularly updated. I was a member of CPALead, just as a bit of blackhat research and people were earning upwards of $10,000 per DAY (people can announce their earnings via chat, and the earnings are pulled from the CPALead database). They all share their techniques and actively help each other pull off these survey scams.
After Facebook changed some of their algorithms for detecting spam (and introducing the requirements for verifying accounts) people found it much more difficult to actually do it. But then people pop up selling hundreds of Facebook accounts with verified details and a full profile for a couple of dollars a pop.
Scott · 10 weeks ago
Just a bit more information, there are two major competing apps, one called TinieApp and the other is by a guy who calls himself FB Expert.
I'm surprised Facebook haven't detected footprints for these scripts (I have both scripts and the code they output is easily detectable).
The image you have in your blog article for the "Anti Spam survey" is a default image that comes with one of these apps (I've forgotten which specific app it is). The reason why CPA Lead is not cracking down on these guys is because they are making tens of thousands of dollars from them every day. Their recent party in Las Vegas where they raffled off the owner's Maserati is testament to that.
This is all just the beginning of the spam chain, once the survey is filled in all the data that has been collected is used by unscrupulous individuals/companies to spam and get people to sign up to premium services which are very hard to unsubscribe from. These companies are paying up to $3/$4 per survey filled - they wouldn't be doing this if they weren't making significant gains on that investment.
I have to be honest, I did look into all of this as a way to make money, but I couldn't morally do it - I just imagined my mother filling in a survey and getting spammed to death while losing a lot of money in the process.
@martijn_grooten · 10 weeks ago
Scam is still going round on Twitter -- someone I follow was infected tonight. As the scam was using bit.ly links, I told them on Twitter @bitly. The malicious links had stopped working within ten minutes! Was very impressed.
Briana · 4 weeks ago
I actually see the top ten stalkers post via mobile, but if I go in via web on my home PC that same post is not showing up. I am quite well versed on these types of scams so I have no idea how it's showing up on my mobile profile page but on the online page it isn't there.
Tatianna · 4 weeks ago
I really love this blog, I read it all the time. I actually got this spamming link on my Facebook and I couldn't remove it at the beginning. Someone tagged me and it was stuck. I finally was able to get rid of it. When are all these spammers going to go away? I dream of a day where spammers and virus creators will find other things to keep them busy.
Suzzie · 1 week ago
I got caught!!! What do I do now?