Facebook Scams: Not Out of the Woods

Facebook may have just won a theoretical warchest from a spammer, but it’s not put its house in order when it comes to scams. Indeed, I suspect they’re getting worse. Now you can get infected without even having to visit your Facebook account.

What happens is that, if you have set your profile to receive email updates when someone sends you a message on Facebook, these trojan scams actually make their way direct into your inbox. Facebook is just the vector:

Here’s a message, as it looks in Gmail:

image

Click on that link and it takes you, not to the Facebook message page, but straight to the dodgy website. In this case the website is still active. It will have a name like YuoTube:

image

and a YouTube-like interface:

image

The message in the ‘player’ says “Your version of Flash Player is out of date.” Without you doing anything the download window will appear:

image

Of course, if you install that you’re in trouble. But are you in trouble if you’ve already visited the page? I’m still working on that.

28. November 2008 by jeremy
Categories: Malware, Networks, Scams, Security, Spam | Tags: , , , , , | 2 comments

Comments (2)

  1. thanks for the info. still its pretty tough to know what to do about it because facebook is so popular. facebook themselves need to sort problems like tis i suppose, that or there number of users will disappear if / when we all get our computers messed up by being part of there site / organisation

  2. Just as we suspected, more scams have begun to arrive on Facebook.
    Over the past few months there have been several instance of high profile security threats including conficker (the windows worm) and a number of Facebook scams and viruses. It seems that these are becoming more and more common.

    With all the Internet scams out there, this alert from the county struck us as odd. Why single out this one? There must be a back story. Either that, or Facebook has become so mainstream that its days are surely numbered 🙂