The Latest in IT Security

Is your ‘stalker ex’ still creeping your Facebook page?

16 May 2011

Another day, another Facejack attack. We see a lot of these sorts of scams: alluringly titled posts that try to get you to click to see some special content, typically with a promise to show you who has been visiting your profile (or, infamously, video of Osama Bin Laden's death).

The latest one looks like this:

Will you really get to see your Profile stalker?

If you hover your mouse over the "CLICK 2 SEE YOUR STALKERS" text, you'll see that the URL redirects to another site. In any normal Facebook post you should see the "Share" button in this position.

A normal Facebook post showing the "Share" button correctly
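The hover check described above, written as code: an added example (not from the original post or from Facebook) that resolves each action link's URL and reports whether it really stays on facebook.com, including lookalike hostnames that only contain that string. The link objects, example hostnames and function names are constructed for illustration.

```javascript
// Added example. Link objects and hostnames are constructed; names are hypothetical.
const TRUSTED_DOMAIN = "facebook.com";

// True only for facebook.com itself or a genuine subdomain of it.
function isTrustedHost(hostname) {
  const host = hostname.toLowerCase().replace(/\.$/, ""); // drop a trailing dot
  return host === TRUSTED_DOMAIN || host.endsWith("." + TRUSTED_DOMAIN);
}

// Resolve an href the way the browser would and report where it really leads.
function checkActionLink(link, pageUrl = "https://www.facebook.com/") {
  const result = { label: link.label, host: null, suspicious: true, reason: "" };
  let target;
  try {
    target = new URL(link.href, pageUrl); // relative links resolve against the page
  } catch (err) {
    result.reason = "unparseable URL";
    return result;
  }
  result.host = target.hostname;
  if (target.protocol !== "http:" && target.protocol !== "https:") {
    result.reason = "not a web link (" + target.protocol + ")";
  } else if (!isTrustedHost(target.hostname)) {
    result.reason = "leaves " + TRUSTED_DOMAIN;
  } else {
    result.suspicious = false;
    result.reason = "stays on " + TRUSTED_DOMAIN;
  }
  return result;
}

// Return only the links a reader should not click.
function auditPost(links) {
  return links.map((l) => checkActionLink(l)).filter((r) => r.suspicious);
}

// Constructed sample: one normal action link and three altered ones.
const samplePost = [
  { label: "Share", href: "/constructed/share?post=1" },
  { label: "CLICK 2 SEE YOUR STALKERS", href: "http://stalkers.example/go" },
  { label: "Share", href: "http://www.facebook.com.profile-view.example/" },
  { label: "Share", href: "https://www.facebook.com@redirect.example/x" },
];

for (const r of auditPost(samplePost)) {
  console.log(`${r.label} -> ${r.host}: ${r.reason}`);
}
```

A link labelled "Share" is still flagged when its hostname merely begins with or embeds facebook.com, which is why the comparison is made on the parsed hostname and not on the visible text or a substring of the URL.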

What actually happens when you click on the altered posts is that you simply share the link with all your friends. Unfortunately, in the background, you might also be opening your profile to further compromise, as a lot of JavaScript runs behind these links. Some of the scripts just redirect you back to Facebook as if nothing had happened and share the new post on your profile, but others may have more malicious intent – particularly ones that direct you to download video.

Facebook has recently made efforts to put a stop to these sorts of scams, particularly where it sees the "Share" button being replaced like this, but so far it doesn't seem to be having much effect: we still see a lot of these sorts of posts spreading each week.

The best thing to do is, as always, think before you click! The scammers and criminals who make malware for a living are relying on your curiosity; don't let them get the better of you!
