Saturday, November 17, 2012

Facebook Black Makes Social Networkers See Red

Kuala Lumpur, Malaysia, November 16, 2012 –A scam saying that Facebook users can change their profile pages to have a black, rather than the trademark blue background is spreading widely on the popular social network.  This scam is being spread by images on newsfeeds and by event invitations that appear to be sent by users’ friends.

Have you seen an image like this in your newsfeed, shared by a Facebook friend? Or spread via an event invitation?

IT security and data protection firm Sophos is warning users to think twice before clicking on these links, otherwise they could be helping scammers to earn money and spread the scam further.

When Graham Cluley, senior technology consultant at Sophos, investigated this link from a test account, he was bounced through a few website redirects before ultimately landing on a page entitled “Change your Facebook Color”.
"Are you sick fo that boring old blue theme? Well now you have the power to change your facebook color to anything your heart desires."

This page automatically ticks the box saying that the user accepts the page’s terms and conditions, and tells them that they need to take part in an online survey before they can turn their Facebook profile black.
The scammers will be earning money for the number of respondents they can entice to complete these surveys.

“It’s interesting to see that the scammers behind this particular campaign have clearly dusted off some webpages they used in previous scams, as several point towards past campaigns such as the ‘Remove Your Facebook Timeline’ scam from earlier this year,” said Cluley.  “Unfortunately, many Facebook users will be too excited about the prospect of perhaps changing the look and feel of Facebook that they will not spot suspicious clues.”

“If users have mistakenly clicked on links or accepted invitations as part of this scam, they should remove all offending messages, photos and ‘likes’ from their account, check that they’ve not authorised a rogue app to access their account – from where it could steal information or post without asking permission – revoke any rogue app’s publishing rights, and report it as spam to Facebook.”

No comments: