Saturday, 20 November 2010

“Jeremy Kyle is forced to Step Back after man starts headbutting” Facebook scam | Naked Security

Another scam is hitting Facebook this weekend, pretending to be a video of British TV celebrity Jeremy Kyle being headbutted. Like the Jerry Springer show in the United States, Kyle's show is notorious in the UK for showcasing controversial content. Like many of the fake Facebook applications we have seen in the past, this one requests permission to post to your wall and then propagates across the walls of curious Facebook friends who click the link.

[Image: Facebook wall message]

In addition to spreading on Facebook, this scam is being sent out on Twitter using a combination of spam and compromised legitimate Twitter accounts. The Twitter links ultimately lead you to the Facebook application, rather than directly to the affiliate marketing scams it is designed to spread.

[Image: Facebook app permissions request]

One twist that we have seen more frequently of late is the bogus application requesting permission to "Manage my pages". If the attacker can trick a Facebook page administrator into granting the application permission to post on the page, the attacker can send the message to a much larger audience.

At the time of writing more than 11,500 people have clicked through to this scam, which plays out in an all too familiar way. You are led to a Facebook application which looks like a video player. When you click the video it asks for permission to "Like" it. Instead of seeing the promised video, you are then asked to fill out a survey, play a game or take an IQ test. Companies that offer money to individuals who can drive them referral traffic are ultimately to blame for these problems. The scammer is paid an affiliate fee for every person who takes the IQ test and subscribes to a premium rate SMS service.

[Image: Affiliate marketing choice window]

Considering that we have seen large numbers of these attacks on Facebook for over a year now, it does raise a lot of questions about Facebook's new email service. If they are unable to properly filter applications for users who register for access to their developer API, will they be able to prevent scams from spreading through their enhanced messaging service? I suppose only time will tell.

Thank you to one of our Naked Security readers for sending us a tip on this one. Have a tip? Send us an email at tip@sophos.com.
