
Zscaler Blog


Security Research

Facebook Under Attack By Scammers

May 17, 2011 - 2 min read
Facebook is facing no shortage of attacks from scammers. Yesterday, I posted a blog about a recent scam being circulated on the Facebook network, and only a few hours later we uncovered yet another one. The goal of this scam remains the same as the earlier one, namely to coerce Facebook users into completing various surveys, which in turn generate money for the scammer. What is interesting about this scam is that it not only posts the malicious message to the wall of the victim’s friends, but also gets a list of online friends and sends them a chat message like “hey you are still there?Check my wall for the link ^_^ It showed me who viewd my profile. Amazing :p” with a link to the malicious domain. Here is what the wall posts look like:

When a user clicks on the links in the message, they are presented with a fake pop-up displaying how many friends are supposedly viewing the victim’s profile. Here is a screenshot:

Remember, this is a fake message: each time the page is accessed, it simply generates a random number. It has nothing to do with actual users viewing your profile (something that Facebook does not share). The page also suggests that the user must copy and paste JavaScript into the address bar, which will of course execute the JavaScript in the context of the victim. This is similar to the earlier scam. Once the user runs that malicious code, they are presented with some fake messages requiring that they undertake surveys or view additional messages. Here are the screenshots:

As mentioned, the attack also sends chat messages to online friends in order to further spread the attack. Here is the screenshot of the associated source code:

The malicious code also forces the victim to become a fan of “OSAMA” Facebook pages. Here is the screenshot of that code:

Facebook is currently losing this cat-and-mouse game. As quickly as they take scams down, new ones appear and take their place, each time evolving the tactics slightly to evade detection. This is the second scam we uncovered in only a few hours. Facebook needs to do a better job protecting its users. Both of these scams use the same technique of social engineering users into pasting JavaScript into the URL bar, something that we’re seeing on a more regular basis and something that would never be required by a legitimate page.
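The tell described above, a page that displays script text and instructs the visitor to paste it into the address bar, can be checked for mechanically. The following is an added example, not code from the original post or from Zscaler; the phrase list, the function names and both sample pages are constructed assumptions.

```javascript
// Added example: heuristic check for "paste this JavaScript into your address bar" lures.
// The phrase list, function names and sample pages are assumptions made for illustration.
const INSTRUCTION_PATTERNS = [
  /\b(address|url|location)\s*bar\b/i,
  /\bcopy\b[\s\S]{0,80}\bpaste\b/i,
  /\bctrl\s*\+\s*[cv]\b/i,
];

// Collect text a visitor could select and copy: form-field values plus visible text.
// href/src attributes are not collected, so <a href="javascript:void(0)"> is ignored.
function copyableText(html) {
  const parts = [];
  for (const m of html.matchAll(/<(?:input|option)\b[^>]*\bvalue\s*=\s*(["'])([\s\S]*?)\1/gi)) {
    parts.push(m[2]);
  }
  const visible = html
    .replace(/<(script|style)\b[\s\S]*?<\/\1\s*>/gi, " ") // drop non-rendered blocks
    .replace(/<[^>]+>/g, " "); // drop tags, keep text (including <textarea> bodies)
  parts.push(visible);
  return parts.join("\n");
}

// A page is flagged only when BOTH signals are present: a copyable javascript: URI
// and wording that tells the visitor to paste it into the browser.
function analyzePage(html) {
  const text = copyableText(html);
  const hasPayload = /\bjavascript\s*:/i.test(text);
  const instructions = INSTRUCTION_PATTERNS.filter((re) => re.test(text)).length;
  return { hasPayload, instructions, isLure: hasPayload && instructions > 0 };
}

// Constructed sample: lure page with an inert placeholder in place of any real script.
const SAMPLE_LURE = `
<h2>See who viewed your profile</h2>
<p>Step 1: Copy the code below. Step 2: Paste it into your address bar and press Enter.</p>
<textarea readonly>javascript:(function(){/* constructed placeholder, does nothing */})();</textarea>`;

// Constructed sample: ordinary page that mentions the address bar and uses a javascript: href.
const SAMPLE_BENIGN = `
<p>Type the site name into your address bar to visit us.</p>
<a href="javascript:void(0)" onclick="openMenu()">Menu</a>`;

console.log("lure page:  ", analyzePage(SAMPLE_LURE));
console.log("benign page:", analyzePage(SAMPLE_BENIGN));
```

The check matches literal text only, so a page that entity-encodes the scheme or assembles the instructions with script at render time would need the rendered DOM text as input instead of the raw HTML.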

Nasty Scams!!!