View All Social Networking

Facebook Scam Alert: ‘Everyone do check what she did on cam’ Spreading

By Anonymous  •  April 11th, 2011  •   Social Networking

We’re monitoring an on-going Facebook scam campaign that seems to be spreading faster than any campaign we’ve come across before.

What did this girl do on her webcam?

What did this girl do on her webcam?

The scam starts with a user being tagged in a photo such as the one above. The photograph is posted in an album called “BBC News” to give it authenticity. It typically has over 100+ people tagged in it and it contains the following text: “Everyone do check what she did on cam …. — [URL]”

An example of what it would look like to see your friends tagged in this photo

An example of what it would look like to see your friends tagged in this photo

The short URL typically redirects the users to a .info domain, which then takes the user to a Facebook Application Installation page.

Short URL redirects to the following Application Install Page

Short URL redirects to the following Application Install Page

When a user allows the application, the scam continues with that user posting the same photo, tagging over 100 users in it and helping it propagate.

Over 100 Friends tagged in this scam

Over 100 Friends tagged in this scam

Users are also redirected to another .info domain, which contains a video that is gated by another form of a survey scam:

Facebook Verification Spam Bot - Freudian Slip?

Facebook Verification Spam Bot - Freudian Slip?

The scammers have managed to be nimble enough to switch the campaign from one Short URL service to another. At first, this was spreading via Bit.ly:

Bit.ly Stats as this scam was first spreading

Bit.ly Stats as this scam was first spreading

Over the course of an hour, this particular URL received over 80,000 clicks.  However, the scam has since shifted to the Goo.gl Short URL service:

Goo.gl Short URL Statistics for this scam

Goo.gl Short URL Statistics for this scam

In less than an hour, the goo.gl version of the scam has reached over 125,000 clicks.

Recommendations: First and foremost, don’t click on the link included in the description of the photograph. One of the things you can do to prevent your friends/family members from falling for this is to untag yourself from the photograph:

You can untag yourself from any photo

You can untag yourself from any photo

Additionally, you can report the image so that Facebook can take action against it (this is an important step):

You can help prevent this scam from spreading by reporting it

You can help prevent this scam from spreading by reporting it

If you’ve been tricked into installing the application, visit the Privacy Settings page and click on ‘Edit Your Settings’ under Apps and Websites.  Locate the Rogue Application under the Apps and Websites section (typically has the word “news” in it). Once you’ve located it under the  ‘Apps You Use’ section, click on ‘Edit Settings’ in order to remove the application.

Scammers are finding new ways to trick users. The key here is to be aware and to keep your friends and family members in the loop about scams like this one.  We can’t stress that enough.

Update: The goo.gl short URL has now logged over 220,000 clicks.

Over 220,000 clicks on the goo.gl short URL

Over 220,000 clicks on the goo.gl short URL

Additionally, the scammers have also moved to TinyURL:

Scammers are also using tinyurl to lead users to the scam application

Scammers are also using tinyurl to lead users to the scam application

Tags:    |    |    |    |    |  

One Response to “Facebook Scam Alert: ‘Everyone do check what she did on cam’ Spreading”

  1. [...] news of late. M86 Security Inc. has tracked a number of Facebook scams using malicious photos, wall posts and third-party applications. M86 researchers say [...]