Zscalerのブログ

Zscalerの最新ブログ情報を受信

購読する
Security Research

Facebook Under Attack By Scammers

image
THREATLABZ
May 17, 2011 - 2 分で読了
Facebook is facing no shortage of attacks from scammers. Yesterday, I posted a blog about a recent scam being circulated on the Facebook network and only a few hours later, we uncovered yet another one. The goal of this scam remains the same as earlier one, namely to coerce Facebook users into completing various surveys which in turn generate money for the scammer. The interesting fact about this scam is that it is not only posting the malicious message to the wall of the victim’s friends, but it also gets a list of online friends to send them chat message like “hey you are still there?Check my wall for the link ^_^ It showed me who viewd my profile. Amazing :p" with a link to the malicious domain. Here is what the wall posts look like:

Image
When a user clicks on the links in the message, they are presented with a fake pop up displaying how many friends are supposedly viewing the victim’s profile. Here is a screenshot:

ImageRemember, this is fake message and each time it is accessed, it simply generates a random number– this has nothing to do with actual users viewing your profile (something that Facebook does not share). The page also suggests that the user must copy and paste JavaScript into the address bar, which will of course execute the JavaScript in the context of the victim. This is similar to the earlier scam. Once the user runs that malicious code, they are presented with some fake messages requiring that they undertake surveys or view additional messages: Here are the screenshots:
Image
ImageAs mentioned, the attack also sends chat messages to online friends in order to further spread the attack. Here is the screenshot of the associated source code:

ImageThe malicious code also forces the victim to become a fan of “OSAMA” Facebook pages. Here is the screenshot of that code:

ImageFacebook is currently losing this cat and mouse game. As quickly as they take scams down, new ones appear and take their place, each time evolving the tactics slightly to evade detection. This is second scam we uncovered in only a few hours. Facebook needs to do a better job protecting its users. Both of these scams use the same techniques of social engineering users into pasting JavaScript into the URL bar – something that we’re seeing on a more regular basis and something that would never be required by a legitimate page.

Nasty Scams!!!
Umesh
form submtited
お読みいただきありがとうございました

このブログは役に立ちましたか?

Zscalerの最新ブログ情報を受信

このフォームを送信することで、Zscalerのプライバシー ポリシーに同意したものとみなされます。