We’ve already seen that the Facebook scam model works on Twitter as well. Back then, we proved not only that the same bait (“how long have you spent on [platform of choice]”) worked wonders in both environments, but also that the account the common scam was launched from had been used to spread malice on Facebook before. So, what brings online socialites and micro-bloggers under joint fire again?
Recent “See who viewed your profile” descendants covertly disseminated on Twitter do away with social engineering altogether. It appears that at least some fake app creators no longer trouble themselves with old school tricks, such as adding a testimonial (“wow this really works, now!!!!”), claiming to launch the “official” app, or simply trying to breathe life back into the app by rephrasing its name (see who’s stalking you, see who your biggest admirer was last year, your profile views, etc.).
These eccentric scammers go random all the way, by following this simple recipe:
- Create several Twitter accounts (random names will raise no doubts)
- Make up a (random) list of Twitter users
- Send them (random) direct messages with a link, such as:
@example1 LoL! [link] / @example2 i got home [link] / @example3 just ate a burger [link]
If the victims click the link, they’ll be taken to yet another Facebook page of the Profile Viewer:
Does this work? To a point, it does. Given that the initial message sent to prospective victims has no connection to the profile viewer theme, people might actually click the link more readily. Plus, it’s quite difficult to identify a pattern in the way these messages are generated. However, the purpose of the Facebook page advertising the app should be easily identifiable. And that’s where the “no social engineering” trend hits a wall.
Inefficient though this experiment might be, don’t forget to click wisely!
This article is based on the technical information provided courtesy of Tudor Florescu, BitDefender Online Threats Analyst.
All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.