I dub thee Admin of Page [x]. Arise and Get your Scam



Mechanism:The scammers create a fake Facebook page and a customized tab. In the customized tab, which they set as a landing page (meaning that this is where the user will get to when clicking the link) they implement a redirect functionality. To advertise this page, the scammers will add various Facebook users to its admin list page. When users are made admins of a Facebook page, they will be notified about that in the Facebook notification area and through an e-mail.

Upon receiving the respective notification, users will be curious to click the provided link precisely because they do not know that page or remember ever taking any action with a view to becoming its admin. When landing on the fake Facebook page, they will be redirected to another malicious webpage. In the variant we identified, the malicious page is used to collect victims’ personal data (e-mail address and shipping address).

1. Message displayed on the malicious page used for the illicit collection of personal data

Why it’s interesting: the scam uses two Facebook specific spreading mechanisms which ensure high visibility: notifications and direct e-mail.

2. Notification used in the scam dissemination process

The main social engineering elements in this case are: 1. getting users curios about why they were made admins of a page (apparently it’s something to be proud of within the social community) and 2. the classic iPad bait (though in this case, it’s not supposed to be given away for free, but sent through mail, for testing purposes).

What to do if you come across this scam?First off, do not provide any details through the  form displayed on the malicious web page. Second, remove yourself from the admin list of that page. To remove yourself from the administrators’ list of the malicious page, please follow this link: https://www.facebook.com/pages/manage/
Click the Edit info option next to the page you do not want to be the administrator of. Then click Manage admins and remove yourself from the list. This should solve the issue.

3.How to remove yourself from the admin list of a page

You can also follow the directions in this tutorial: https://www.facebook.com/help/?faq=19375&ref_query=remove+admin

This article is based on the technical information provided courtesy of George Petre, BitDefender Threat Intelligence Team Leader

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.

About the author

Ioana Jelea

Ioana Jelea has a disturbing (according to friendly reports) penchant for the dirty tricks of online socialization and for the pathologically mesmerizing news trivia. From gory, though sometimes fake, death reports to nip slips and other such blush-inducing accidents, her repertoire is an ever-expanding manifesto against any Victorian-like frame of thought that puts a strain on online creativity. She would like to keep things simple, but she never does.