Spam Worm Increasing Fast on Facebook
Experts at antivirus firms "F-Secure" and "Sophos" disclosed on 6th September, 2010 (Monday), that cyber criminals have once again targeted Facebook, as they have detected a latest worm.
Though, the former spam promoted free iPhones, the new spam pushed surveys which lured the users with Best Buy and Walmart gift cards, to anyone who completes a marketing poll.
While one of the victims who posted a message reveals that, he thought the survey was RUBBISH, however he just proceeded with the shopping spree at walmart because of the FB = [URL], however that won't keep on going, so he stopped. The other victim discloses that he also felt the same, still got tempted to use the Best Buy giftcard sent to him [URL] for buying a laptop, as reported by Softpedia on 7th September, 2010.
The spammed links differ from message to message in various ways, however each one of them is sent from http://apps.facebook.com/[name]/.
Interestingly, the users are only required to click on the provided link, and as soon as the application gets downloaded, the same fake message gets posted on the users' Wall or/and posts message to their friends automatically.
Normally, before posting on the behalf of a user, the application requires to seek permission, however this aspect is missing here. Because of this, it is advised that this new type of vulnerability quite possibly is a misused cross-site text.
Amusingly, the name of the application changes every time, which makes it difficult for the user to be alert, and it also could be more devious to be stopped by the Facebook's security experts.
It should also be noted that, as these spam messages are mainly generated through mobile web, the fault could be hidden anywhere in the m.facebook.com website.
As per the news reported by ComputerWorld on 7th September, 2010, the Facebook spokesperson stated that the users are advised to be careful of posts and messages containing any doubtful link, even if they are sent from friends, and should report about applications which are violating their policies.
Noticeably, on 7th September, 2010, Facebook declared that it has solved the problem.
Related article: Spam Scam Bags a Scottish Connection
» SPAMfighter News - 15-09-2010