Zscaler Blog

Security Research

Facebook Used To Make Scams Look Legitimate

JULIEN SOBRIER
December 21, 2011 - 2 min read
One of the recurring web spam themes I saw in 2011 was the "Work from home and make $X,000/month" scam. In some variations of this well-known and well-used scam, websites are set up to look like a well-established newspaper with a (fake) front-page article about making a lot of money from home.

Here are a few examples I saw earlier this year (now offline):


Image
Fake NBC website at hxxp://news11bizopp.com/landing.php

Image
Fake news site at http://www.nbcnews43.com/?news/articleid=8351

The new scam I found this week included an interesting new trick and is still online.

Image
Fake news site at hxxp://newsday7.com/
The site is set up like the previous scams: it claims to be an established online newspaper and displays an article about someone who is making a lot of money working from home.

At the top of the picture, which shows a woman and a girl, on the right, you can see a Facebook Like button that says "214,217 people recommend this. Be the first of your friends." Apparently, 214,217 people went to this page and clicked on "Like", making this page look more legitimate.


At first, I thought this was a fake Facebook widget. But this is the real deal, as seen from the page HTML code:


Image
Real Facebook widget
There is, however, a trick. The "Like" widget does not point to hxxp://newsday7.com/, but rather to http://www.facebook.com/CBS. As you can see in the images taken from the two websites, the number of Likes is the same:

Image
214,217 Likes on hxxp://newsday7.com/
Image
214,217 Likes on http://www.facebook.com/CBS

Facebook allows you to embed any Like widget on any website, even if the domains or URLs do not correspond. Scammers are using this trick to appear more legitimate, by tricking visitors into thinking their website has been visited and liked by many people.

My guess is that this technique is very effective, and will be used more and more by spammers and scammers.