Some of my Facebook friends are probably wondering why I would fall into the trap of the magical “dislike button” hype that seems to be sweeping across Facebook right now. In a little social experiment and hopefully an awareness exercise for some of my non-security friends I created a Facebook group based off of similar ones I have seen called The REAL Dislike Button™ is Finally Here! Add it Now!. The group is harmless even if it looks like there is scary JavaScript code in the instructions to “turn your friends blue”. If you click on the link it takes you to one of my favorite YouTube video’s. 🙂
The point is that these fake groups are targeting Facebook users thinking that Facebook has these new “features” like a dislike button and even ones like “see who viewed your profile”. Folks, these techniques and/or modifications to Facebook don’t exist. Sorry. Just in the last week I have seen more and more of my Facebook friends sharing links to these groups. Almost all of the groups I have looked at that were being shared lead to very bad places which I will demonstrate below.
Example #1 – The Typical “Get the DISLIKE BUTTON” Scam
In this example we have one of *many* groups that promise you the uber magic secret “dislike” button if you just join the group, invite your friends to do the same and follow some strange link off to Neverland. This group has 1,162,238 members. I wish I was making that number up.
The first thing you will notice is that there is a link to a Facebook profile they want you to friend. That profile was deleted (your first clue). Next, they want you to check out a link in Step 5. That link sends you here:
Which will eventually install some nasty adware/spyware on your Windows machine called Adware.Mywebsearch.DV. It’s not easy to get rid of.
In a similar group like the one above with a mere 697,375 members the last link takes you to this:
If you go through with entering in your cell phone number and getting the confirmation code per the instructions you have just signed up for a monthly charge to your cell phone account to the tune of $9.99 per month. The monthly charge details is in the very tiny text you can hardly read. Nice. But wait, if you were smart enough to try and close the quiz window, you get this pop-up:
Really? Hopefully you don’t fall for that one even though it shows your real city.
Example #2 – The Typical “See everyone who viewed your profile” Scam
This is one of my favorites as this is another impossible feat of Facebook technology. Here is what the screen shot look like:
Note the PhotoShop job on the notification window showing who has “viewed” your profile. Clicking on the bit.ly link leads you to another quiz application or adware/spyware or other forms of dangerous malware. Don’t worry, there are *lots* of these groups out there. Good times.
So the lesson here is…don’t click on anything in these groups that tempt you with magical Facebook powers! If it seems too good to be true, it probably is!
Pingback: Social Media Security » Social Media Security Podcast 8 – Would You Commit Social Media Suicide?
theres another new one now, same code as before..
http://www.facebook.com/group.php?v=info&gid=245669991373
Dell Laptop Giveaway
just thought id let you know
Pingback: Complete Defiance
Pingback: Social Media Security » Dispelling The Myths Of Facebook Privacy And Security
Pingback: Dispelling The Myths Of Facebook Privacy And Security