Post reply

Name:
Email:
Subject:
Message icon:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image

Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

shortcuts: hit alt+s to submit/post or alt+p to preview


Topic Summary

Posted by: Pez
« on: 07. June 2012., 09:01:54 »


Malicious App Sends Bogus Facebook Warnings

Today, I received a couple of requests from my friends on Facebook. Each included the phrase “WARNING FROM FACEBOOK TEAM.” The requests looked suspicious because they came from friends, and the Facebook team never sends such warnings. A little quick analysis found that those requests were actually sent from a fake application called hxxp://apps.facebook.com/secureverifyssdc/. Here is how the requests look:


Larger picture

Once a victim follows the fake request, the application asks for basic permissions. Once granted, the malware takes the victim to the application homepage, which shows this fake warning:


Larger picture

The warnings read: “Announcement From FACEBOOK Verification Team. All Profiles Must Be Verified Before 10th June 2012 To Avoid Scams and Scams under SOPA ACT. The Unverified Accounts Will Be Terminated. Verify Your Accounts By Below Steps.” The scammer has used terms such as “Facebook verification team” and “SOPA ACT” term to scare users into believing that the warning is legitimate and has come from the real Facebook team. The warning next asks users to complete a few steps to verify their accounts. The first step sends fake invitation requests to add this application to the victim’s friend list.


Larger picture

Victims must send requests to all their friends to go to next step. The application also verifies if victims click the cancel button by displaying another message. Once victims send requests to friends, they have to complete the final step, which asks victims to take several surveys that help the scammer earn money.

We have seen such scams before and in every case the motive is to make money by suckering users into completing surveys. Afterward, victims get to see a YouTube video.



This video has been seen 627,000 times. Comments from the last four months reveal victims of this scam worried about their Facebook accounts and asking for help. Here are a few recent comments:


Larger picture

The stats count of this video looks scary and shows that this fake application may have existed on Facebook for a long time, or this video may be used in different Facebook scams. We can guess that most of the statistics for this video have come from different Facebook scams or this fake application. The comments from Facebook users show their lack of security savvy and the danger of using social networking platforms. The good news is that the real Facebook team appears to have found this fake application. Here’s a legitimate comment:


Larger picture

The Facebook team has removed this application completely from the directory, but we believe that more fake applications may still exist.


Orginal article: Wednesday, June 6, 2012 at 3:10pm by Umesh Wanve
Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising