Tell them what you think, feel, do or would like to do at all times. This is the basic principle behind the Facebook status: a direct connection to the social community members’ flow of breaking news about themselves. Whether it’s just “having a beer. long day” or an intricate expression of the author’s latest revelation about the meaning of the mechanics of the universe, the Facebook status has become the main form of expression of online socialites. The two basic rules it abides by are: change it often and make it memorable so it will have its chance at glory in the brief interval that it’s still visible to the others.
No wonder, then, that a Facebook status that’s supposed to have had a negative impact on someone’s life will make all curious out there bounce with joy and clap their hands impatiently. Apparently the more drama, the merrier its viewers – Does “his Girl Killed Herself After the Dad Posted This On Her Facebook!” sound familiar? Better not.
In this case, the promised piece of drama is a girl being expelled from school because she supposedly expressed a set of (irreverent?) thoughts in her Facebook status. It’s implausible enough to make some people click the link.
And this is the beginning….not of a beautiful friendship (this is hard core virtual reality, not Casablanca, people!) but of a long trail of tears. Step two explains the dangers of posting on Facebook things that your teachers might see and which might cost you your future.
This warning may send shivers down young rebels’ spines, and it might also get them distracted enough not to think twice when being requested to login and to allow an application to be downloaded – actually a Facebook worm.
The Post to my wall permission is there to ensure the worm’s rapid spread as the messages it will post on the wall, of the victim and on that of the victims’ friends will trigger a cascade of viewers who are very likely to follow suit.
But this is not all. Where there’s tension, there’s the promise of a thrill. So there goes another step towards the much awaited status: take a quiz. A splurge of social engineering techniques appears here as well. Let’s take the goodies one by one: key words SECURITY CHECK right there, in the title; then the warning about “spammers flooding servers” and the handy solution of a human verification test; two enticing quiz titles (How stupid are you and Is this your true love?) and, the final touch, the promise that “the content will unlock instantly”. Oh, no! 32,754 people like this?
What happens here? Nothing much. Just some old school money making from adwords.
Your next question will probably be: “Ok, so how big is this thing, after all?”. Here are some nice statistics for you. This scam spreads based on several URLs, so we’ll have a look at the data available for one of them.
Source: goo.gl service
As you can see, 28,672 clicks on this URL is not such a bad harvest at all. Moreover, the Referrers table clearly illustrates that those clicks came from Facebook or from Facebook mobile, which means that this is the scam’s primary victim pool.
But the Visitor profile section, especially its Platforms breakdown constitutes a true revelation. “By mainly focusing on finding malware specifically designed for mobile platforms, data security researchers may lose sight of a mobile platform threat that’s already there: social network scams ”, stated BitDefender Threat Intelligence Team Leader, George Petre. “These statistics prove that the scams targeting social networks are platform-independent and that they tend to be as widely spread as those targeting PCs. Approximately 24% of those who clicked one of the malicious URLs used mobile platforms, which indicates that social networks scams may be the biggest current threat for mobile devices ”, added George Petre.
On a positive note, BitDefender is there to keep all Facebook users safe. BitDefender safego is a free application, now in beta, designed to protect Facebook users from spam and from other e-threats. Adopted by almost 30, 000 users already, BitDefender safego offers protection against this scam and it may just save your day. Happy sharing, everyone!
This article is based on the technical information provided courtesy of George Petre, BitDefender Threat Intelligence Team Leader
All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.