Facebook's 'Dislike Button' scam

A few days after Facebook CEO Mark Zuckerberg announced in a Q&A session in September 2015 that the long-awaited Facebook ‘Dislike Button’ would be implemented soon, scammers seized the opportunity to spread phishing attacks and malware.

Soon after, many users received a link inviting them to download Facebook’s ‘Dislike Button’, described as an "invite-only feature". One of the most popular dislike button scams is titled "Get newly introduced Facebook dislike button on your profile". Clicking these links leads victims to malicious websites.

The scammer's ultimate goal is to get users to share the link on their Facebook page. Once it has spread on Facebook, the scam asks for personal information and account credentials, or sometimes downloads malicious software that causes further damage to the computer.

Zuckerberg, the co-founder and CEO, said, "We are working on it, and are very close to shipping a test of it."

Computer security expert Graham Cluley voiced his concern about this on his blog: "Scams like this trick you into liking pages, and sharing the link with your friends, using the bait of something some cases they will even lead you to pricey premium rate mobile phone subscriptions, online surveys that generate the scammers income, or trick you into downloading malicious code onto your PC."

He advised, "Don't be duped. If you're a Facebook crack-addict then try to resist the urge of falling for the latest scam, and wait for Facebook to properly roll-out new features as and when they choose."

Acai Berry Diet Facebook spam attack: Don't buy, don't try, don't reply, says expert

Most Facebook users will have noticed various websites promoting Acai Berry diet products. Sometimes, even our friends recommend Acai Berry advertisements on Facebook. However, think twice before you click on those links. If you do, you end up on some diet supplement scam page.

In the Acai Berry scam, two successive posts appear on the victim's Facebook Timeline without permission, for example:

“Successfully results in this particular health solution.”

Then comes a follow-up post, as if someone had forgotten:

“The link, hehe..”

Paul Ducklin, a computer security expert, wrote in a Naked Security blog post, “You'd be right to be suspicious, at least if you know your friend is competent in English, because some of the phrases stretch the limits of comprehensibility. However, we're guessing that there are two postings in order to add some kind of human-sounding realism.”

He added that automated bogus messages wouldn't forget the link in the first place, whereas humans would rush to correct their error with comments saying "hehe."

The expert said that short links like: URLs have been used in the campaign and seem to have redirected to URLs.

For example: [hexdigits].my.test/[letters]/image_[hexdigits].jpeg

“If you click through to the buy page and check the very limited disclaimers and FAQs there, you'll find that the product only helps you to lose weight if you combine it with a diet specifically designed to make you lose weight. So, assuming that you spot the scam for what it is before you fill in your credit card number on the buy page, and bail out, you should be OK,” he added.

“Don't buy, don't try, don't reply,” he wrote.

He suggested that anyone who finds they have been posting ‘out-of-character posts’ without their approval should check the following:

• Is your computer patched and up-to-date?
• Is your anti-virus up-to-date and running properly?
• Has someone else been logging into your accounts?
• Did you use the same password on multiple sites?
• Have you authorized any apps to access your social media accounts?

Facebook hoax "Prayers for Like"

The message is a disgraceful hoax designed to get the maximum number of likes for a Facebook page and to promote it further through sharing of the message.

A baby's photograph was taken illegally from a personal Facebook profile and is being circulated without the parents' permission. Unfortunately, the baby in the photograph died two weeks after her birth. As the picture is being circulated without the parents' permission, it is causing them great pain. If this hoax message comes your way, do not like or share it. Report the message to Facebook.

According to the hoax message currently circulating on Facebook, you can offer prayers for this baby girl by liking or sharing the picture. However, liking or sharing the message would not help the baby; in fact, it would cause considerable distress to the parents and make them belligerent.

The people who create these messages are highly motivated by the green-eyed monster and look past the children whose pictures they misuse. Facebook pages with a large number of likes are traded on the black market; they can be sold to inhumane internet marketers and used to spread further scam and hoax messages.

Believing in offering prayers for someone who is unfortunate is sane, but expressing it through social networking sites is simply absurd. Are we to believe the denigrating idea that “the Almighty has a deal with Facebook that one share contributes a hundred prayers?”

Not only this: it can also be seen on other pages, which include images of gods and goddesses and ask for a like or comment to seek their blessings. Well, it's ironic that even the Almighty now needs likes, shares and comments on their images to bless mankind. Huh. Well, my suggestion is to open your eyes and think broadly.

If this message comes your way, do not like, share or comment on such a post. It plays in favour of inhumane and immoral people who earn from such hoaxes.

The company needs to take action that ensures that these scam messages are removed from the network as quickly as possible.

Moreover, Facebook has actually removed some of the messages, as they have been reported a number of times. The company should ensure that these hoaxes are removed from the network as quickly as possible.

Scam Alert: Your Facebook Accounts will be Permanently Disabled

We have seen large numbers of Facebook posts that promise something but turn out to be a scam. Facebook users still believe such posts and blindly follow the instructions, so cyber criminals keep coming up with new themes to trick users.

Over the past few days, I have been receiving Facebook notifications informing me that one of my friends mentioned me in a comment. I had a look at the post; it is none other than a Facebook scam.

The scam post says "to all facebook users Your Facebook Accounts will Permanent Disable. you must register your account to avoid permanent disabled . How to register? Go to our pinned post. and follow instructions carefully!"

It asks you to copy and paste some code into the console of your browser. By blindly following the scammers' instructions, users allow the scammers to perform various actions ('like', 'sharing', 'tagging friends' and more) on their behalf.

Earlier this year, we learned that scammers were tricking users by promising that following the instructions would help them hack their friends' accounts.

Facebook Scams: "Hacking any Facebook Account", "Facebook Music Theme"

A new Facebook scam, claimed to be a script to "Hack any Facebook account", is spreading like wildfire. Recently, I also came across a Facebook scam post that promises a "Facebook Music Theme". I've been tagged in the spam posts by more than 20 friends within a week.

The post has a link to a script file hosted variously on Dropbox, Pastebin, textuploader and other file hosting services.

The post tricks users into thinking that it is a script to hack any Facebook account. It urges users to use it before it gets blocked by Facebook.

It asks them to copy the script and paste it into the "console" section of the "inspect element" option in the browser. It claims you will get the username and password once you have completed the process.

Here is what is actually happening:
When you paste the code into the console, the browser runs it on your behalf. It sends several requests, including "Like" and "comment" requests. This means that you have unknowingly "liked" and "commented" on the scammer's pages.

It also tags all of your friends in a comment so that the scam spreads further and reaches more victims.

I can't believe that there are still plenty of people out there who still believe some stupid scripts can hack accounts.

Are you one of the victims who followed the stupid instructions?
No need to panic. As far as I know, the script only "likes" and "comments" on your behalf. So, you can simply go to the "Activity" log page in your account and unlike and uncomment them. If you are reading this article, make sure you do not make the same mistake again.

Facebook Scam: World's Largest Snake Video and Shark Eating Man Videos

Attention Facebook users! If you see a Facebook post promising outrageous videos, for instance "Shocking video: World's Largest Snake Video", don't click it. It is nothing other than a survey scam.

Various posts with different bogus titles are circulating on Facebook, all leading to a survey scam page.

So far, the topics used in the scam campaign are "SHOCKING VIDEO World’s Largest Snake Found In [Brazil/Mexico]" and "Exclusive: Shark eats the swimming man in an Ocean!! Watch the video".

A user who clicks the link in the post is taken to a web page where they are asked to complete a survey in order to view the video, and to share the video on their Facebook account.

In the end, you get nothing other than being a victim of the scam. Remember, there are no such videos. If you come across these kinds of posts, just ignore them or report them to Facebook.

Facebook Spam: "She went inclusively nuts and lost all control of the razor-sharp axe"

A new spam that preys on people's curiosity is circulating on Facebook. Today, E Hacking News came across a new spam campaign. The spam post has a picture of a woman that looks like a video.

"she went inclusively nuts and lost all control of the razor-sharp axe Well, Watch what [Tiny_URL]" the spam post reads.

Following the link provided in the post takes users to a page that says "She did this at the tender of age 15" and displays an image mimicking an embedded video player.

After clicking the image, I am really inspired by the clever work done by the cyber criminals. When a user clicks the image, it asks them to press three shortcuts one by one: Ctrl+L, Ctrl+C, Ctrl+W.

I know what the last two shortcuts do but was not sure about the first one. I've managed to find the usage of the Ctrl+L shortcut in browsers. It is used for selecting the URL.

So the shortcuts are for selecting and copying the URL and closing the window. But wait a second, I failed to notice one thing. When I clicked the image, the page opened a new window.

Interestingly, the new window is so small that it is not visible. So pressing the shortcut keys copies the URL of the new window and closes that window. The URL contains the victim's authentication token.

Victims who fail to notice the window and follow the instructions soon find themselves victims of the Facebook spam post. The spam will be posted on the victims' walls using the hijacked authentication token.

Google's Blogger is being abused for spreading Spam in Facebook

Cyber criminals have now started to abuse Google's blog-publishing service Blogger to spread their sex tape spam on Facebook. Today, E Hacking News came across two Facebook spam posts that link to a Blogspot address.

In one Justin Bieber sex tape spam post, the cyber criminals titled the video link "Watch Justin bieber s3x tape" and posted "I can't believe this is for real , omg is this true" from the victims' accounts.

In another spam post, the title is mixed with numbers to bypass spam detection: "[VIDEO] R1HANNA S33X TAPE".

When a user clicks the link, it leads to a Blogspot page that redirects to a malicious survey scam page, where the user is asked to click a button, copy the content of the address bar and submit it for verification.

If the user does as instructed on the page, he will soon find himself a victim of Facebook spam, and his account will be used for spreading the spam post.

Previously, we detected scammers abusing Tumblr to spread spam on Facebook.
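
The digit-for-letter titles quoted above defeat a plain keyword match, so a filter has to undo the substitutions before comparing. The following is an added example, not code from the original post or from any Facebook system: the `LEET` map, the `WATCHLIST` and the function names are assumptions chosen to cover the two titles quoted in the post.

```javascript
// Added example (not from the original post): catch digit-for-letter title obfuscation.
// LEET and WATCHLIST are assumptions chosen to cover the two titles quoted in the post.
const LEET = { '0': 'o', '1': 'i', '3': 'e', '4': 'a', '5': 's', '7': 't', '@': 'a', '$': 's' };
const WATCHLIST = ['sex tape'];

// Lower-case, undo substitutions, drop punctuation, collapse repeated letters.
function normalise(text) {
  return text
    .toLowerCase()
    .replace(/[013457@$]/g, (ch) => LEET[ch])
    .replace(/[^a-z]+/g, ' ')
    .replace(/([a-z])\1+/g, '$1') // "seex" -> "sex"
    .trim();
}

// True when a digit or symbol sits directly next to a letter, e.g. "R1HANNA", "s3x".
function looksObfuscated(text) {
  return /[a-z][0-9@$]|[0-9@$][a-z]/i.test(text);
}

function scoreTitle(title) {
  const norm = ` ${normalise(title)} `;
  // Normalise the watchlist the same way so collapsed spellings still line up,
  // and match on whole words so "Essex tapestry" does not trigger a hit.
  const hits = WATCHLIST.filter((kw) => norm.includes(` ${normalise(kw)} `));
  const obfuscated = looksObfuscated(title);
  // A hit that only appears after undoing substitutions is a stronger spam signal.
  const plain = ` ${title.toLowerCase().replace(/[^a-z0-9]+/g, ' ').trim()} `;
  const evasive = hits.some((kw) => !plain.includes(` ${kw} `));
  return { normalised: norm.trim(), hits, obfuscated, evasive };
}

// Titles quoted in the post, plus one constructed benign title.
const SAMPLE_TITLES = [
  '[VIDEO] R1HANNA S33X TAPE',
  'Watch Justin bieber s3x tape',
  'Essex tapestry exhibition 2013', // constructed benign sample
];
```

Collapsing repeated letters also changes ordinary words ("rihanna" becomes "rihana"), which is why the watchlist is passed through the same `normalise` function before matching.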

Facebook & Tumblr being abused for spreading "John Cena Dies of Head Injury" spam

Today, a scammer posted a spam message on the E Hacking News fan page that reads "John Cena of WWE died in a head injury while training! Watch the original video clip here >>>  [Facebook_Group_Link]"

Clicking the link leads to a group post with the title "Exclusive vids". The post has the following message:

John Cena (John Felix Anthony Cena) of World Wrestling Entertainment died in a head injury while perfecting a wrestling stunt with WWE wrestler, Dwayne Johnson or also known as The Rock. Authorities are now investigating. Watch the original video clip from WWE and their effort to save JOHN CENA (for 18 years+) CLICK HERE --------->[Bit_ly_Link]

Clicking the link leads the victim to a Tumblr page that displays a GIF image resembling a buffering video interface. The GIF displays a fake error message: "Ahhh your social media player needs to update click here and then click add to update"

Once the victim clicks the link, it redirects to another page where users are asked to paste the "Access token".

Last year, Hoax-Slayer identified a similar spam post claiming that John Cena of WWE had died.

"Miley Cyrus sex tape leaked on the Internet" Facebook scam steals authentication tokens

Tempting Facebook users with the promise of celebrity sex tape videos is not new, but cyber criminals still choose this method, as social engineering is one of the most successful ways to achieve their malicious goals.

The latest scheme starts with a post titled "Breaking News : Miley Cyrus sex tape leaked on the Internet. Millions of men called in stick after seeing it." The post has a huge thumbnail showing a closeup of the singer, apparently in a state of rapture.

When users click the image, they are taken to a website where the video appears to be hosted. When victims try to play the clip, they are asked to verify their age by copying and pasting their Facebook authentication token into a text box.

The token allows the cyber crooks temporary access to the targeted Facebook account, including the victim’s list of friends.

According to a Hot for Security report, users who fall for it will see their Timeline flooded with posts advertising the aforementioned video. Even worse, all their friends will be tagged to make sure that they don’t miss it.
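
The Ctrl+L/Ctrl+C/Ctrl+W trick, the Blogspot and Tumblr pages and the age-verification box described in the posts above all depend on the victim handing over a string that contains an authentication token. The following is an added example, not code from the original posts: a check that finds token-bearing URLs in text about to be pasted or submitted, and redacts them for reporting. The parameter names in `TOKEN_PARAMS` (common OAuth and OpenID Connect names) and the sample URL are assumptions constructed for illustration.

```javascript
// Added example (not from the original posts): spot token-bearing URLs in pasted text.
// TOKEN_PARAMS is an assumed list of OAuth/OpenID Connect style parameter names.
const TOKEN_PARAMS = ['access_token', 'id_token', 'refresh_token'];
const TOKEN_RE = new RegExp(`([?&#](?:${TOKEN_PARAMS.join('|')})=)[^&#\\s"'<>]+`, 'gi');

// Return one finding per token parameter found in any URL inside `text`.
function findTokens(text) {
  const findings = [];
  const candidates = text.match(/https?:\/\/[^\s"'<>]+/gi) || [];
  for (const raw of candidates) {
    let url;
    try {
      url = new URL(raw);
    } catch {
      continue; // not a parseable URL
    }
    // Tokens may sit in the query string or in the fragment after '#'.
    const places = [
      ['query', url.searchParams],
      ['fragment', new URLSearchParams(url.hash.replace(/^#/, ''))],
    ];
    for (const [where, params] of places) {
      for (const [name] of params) {
        if (TOKEN_PARAMS.includes(name.toLowerCase())) {
          findings.push({ host: url.hostname, where, name: name.toLowerCase() });
        }
      }
    }
  }
  return findings;
}

// Replace token values so the text can be logged or shared in a report safely.
function redactTokens(text) {
  return text.replace(TOKEN_RE, '$1[REDACTED]');
}

// Constructed sample: what the address bar of a barely visible popup might contain.
const SAMPLE_URL =
  'https://login.example.test/done#access_token=CONSTRUCTED-SAMPLE-123&expires_in=3600';
```

A paste handler or a mail and chat filter can call `findTokens` on outgoing text and block or warn when it returns any finding.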

"Get Free iPad 3 !" Beware of Facebook and Twitter Scams

While everyone anticipates that Apple will announce a new version of its iPad tablet computer in San Francisco on March 7th, scammers have decided to take advantage.

A Sophos security researcher came across Facebook and Twitter scam posts that claim "Get free iPad 3". The interesting thing is that the iPad 3 doesn't exist yet.

"As Apple hasn't even announced the existence of an iPad 3, these posts and pages (some of which have existed for months) are clearly up to no good," says researcher Graham Cluley.

"Chances are that we will see Apple announce an iPad 3 very soon. But don't be duped into believing there's an easy way to get one for free," he added.

"Your profile has qualified for an award of $2M" Facebook Gold Membership Scam

Hoax-Slayer came across a new Facebook scam that claims to be from the Facebook Team and informs recipients that their profile has just completed its 100% Gold Status membership, which has qualified them for an award of $2,500.000.00 (Two Million Five Hundred Thousand Dollars) by Facebook.

The Scam Message:


We happily announce to you that your profile just completed It's 100% Gold Status membership which has qualified you for an award of $2,500.000.00 (Two Million Five Hundred Thousand Dollars) by Facebook.

You are therefore advised to contact our Executive Secretary for further directives on how to receive your award sum.

Ensure to quote the following information for authentication:
Full Names, Address and qualification numbers to the Executive Sec with your Gold Membership Qualification Numbers: (FB-57-20100, BB-456-76FUB)

Contact Person: Mrs. Florence Alison (Executive Secretary)

Payment would be made to you and other qualified members not later than 7 working days from the date of this notification.

Note: Ensure to keep all winning information strictly confidential to avoid double claims which may lead to disqualification.

Sincerely yours,
Facebook Team

Victims who fall for this scam and contact the "Executive Secretary" as instructed will soon be asked to send upfront fees, ostensibly to cover various entirely imaginary costs such as insurance, legal and banking expenses. The scammers will insist that these fees cannot be deducted from the cash award, which of course is also entirely imaginary.

"Your account info has been changed" - Fake Facebook notification delivers keylogger

A spam mail that poses as a notification from Facebook and claims the recipient's account information has been changed leads to a malware attack.

The spam mail, with the subject "Your account information has been changed", hides its content and asks users to install Microsoft Silverlight in order to view it. If you hover your mouse over the image link, it points to a .PIF file (a Windows executable file) hosted on a Malaysian IP address. BarracudaLabs identified this trojan as Trojan.Win32.Jorik.

Clicking on the Silverlight graphic does warn you that you’re about to run a program. This is why the Microsoft graphic is a clever addition to the ruse – you think you should be running a Microsoft program, and it’s doing exactly what you expect.

Once you click the Run button, the Trojan will take care of your system and send your keystrokes to its master.

New Facebook survey scam claims Chuck Norris dies at age 71

Scammers are spreading a new scam message on Facebook that claims "Chuck Norris dies at age 71" and offers a link to a news report video, but the link leads to a survey page. The scam was spotted by a Sophos researcher. Chuck Norris isn't dead.

The scam message:
[video] Chuck Norris dies at age 71! Not a Joke.
See the video to find out how he died. News today of Chuck Norris death at age 71 has been met with confusion and humour, but sadly it is true.

Clicking the video link will land you on a survey scam page. The page will ask you to complete the survey in order to watch the video.

When the Sophos researcher analyzed the scam, it took him to a website claiming to offer a free £100 Starbucks card.

If you see this kind of scam message asking you to complete a survey, just ignore it; they will never give you what you want. If you shared the message with your friends, remove it from your wall.

"Free Mobile Recharge Coupons" scam hijacks Facebook accounts

A recent phishing scam, "Free Mobile Recharge", targets Facebook users, hijacks their accounts and makes the accounts impossible to recover, McAfee warned.

The scam automatically posts a deceptive free recharge offer on the victim's wall to convince their friends to click the link. Following the link lands you on a phishing website, which asks for your Facebook account details. Once you fill in the details and press the login button, it takes you to a survey page. Meanwhile, it sends your login details to the attacker.

The same scam message is posted on that victim’s wall to further spread the attack.

The attacker not only changes the account passwords but also deletes primary information such as the email address. Even if victims try to reset their passwords, they will never get the password reset email from Facebook.

Get $50 Dollar General Gift Card for FREE to all facebook users : Facebook Scams

A new Facebook survey scam claims that users who click a link will receive a free $50 gift card from variety store chain Dollar General, a Hoax-Slayer report says.

Usually, scammers use these survey scams to get victims' personal information, including name, address and contact details. These details can be used for further scams or other malicious purposes. Other scammers trick users into downloading dubious toolbars, games or software. Still others will claim that users must provide their mobile phone number - thereby subscribing to absurdly expensive text messaging services - in order to get the results of a survey or go in the running for a prize.

No matter how many offers or surveys they complete, or what services they subscribe to, victims will never receive the promised gift card.

The scammers who create these bogus promotions will earn commissions via suspect affiliate marketing schemes each and every time a victim completes an offer or participates in a survey.

If you see these kinds of scams on Facebook, just delete them and never click any links.

Facebook Phishing Scam promotes Indonesian rock star

Facebook phishers have used an Indonesian rock star as bait for their phishing sites.

"This is unlike the previous Indonesian adult scams whose phishing pages gave the impression that the adult video would be of a random celebrity. In October 2011 phishers continued their adult scams on Facebook, but this time they chose the Indonesian rock star Ahmad Dhani in particular," Symantec reported.

Dhani is the frontman of the rock bands “Dewa 19” and “Ahmad Band”.

The phishing site contained a photograph of Ahmad Dhani and Indonesian singer Dewi Persik. The Indonesian caption of the photograph translated: “To view videos of Ahmad Dhani recorded from CCTV cameras, please login below”. After users entered their Facebook login credentials, the phishing page redirected to a pornographic website. Of course, if users gave away their login credentials to the phishing site, phishers would have successfully stolen their information for identity theft. The phishing site was hosted on a free Web hosting site.

Celebrities have been a common target in phishing attacks. In the past, we have seen Aishwarya Rai and Katrina Kaif used as phishing bait. Phishers are choosing celebrities with a large fan following because they perceive a larger audience will mean more duped users.

Security tips to avoid phishing attacks, provided by Symantec:
  • Do not click on suspicious links in email messages.
  • Avoid providing any personal information when answering an email.
  • Never enter personal information in a pop-up page or screen.
  • When entering personal or financial information, ensure the website is encrypted with an SSL certificate by looking for the padlock, ‘https’, or the green address bar.
  • Frequently update your security software, such as Norton Internet Security 2011, to protect you from online phishing.

Security Tips from BreakTheSecurity:
  • Before entering login information, check the URL
  • Use Secure Connection(Ex:
  • Use an anti-phishing add-on (e.g. FirePhish)
  • Don't forget to read our Security Tips Blog:

Facebook Rumor "Facebook Just Released Their Price Grid For Membership"

A rumor is spreading on Facebook: "Facebook Just Released Their Price Grid For Membership, need to pay for new profile".

The fake news in circulation:
Facebook just released their price grid for membership . $9.99 per month for gold member services, $6.99per month for silver member services, $3.99 per month for bronze member services, free if you copy and paste this message before midnight tonight. When you sign on tomorrow morning you will be prompted for payment info…it is official it was even on the news. Facebook will start charging due to the new profile changes.
If you copy this on your wall your icon will turn blue and facebook will be free for you. Please pass this message on if not your account will be deleted if you do not pay.

Another piece of fake news:
“This is official… it was even on the news… facebook will start charging due to the new profile changes… if you copy this on your wall your icon will turn blue and facebook will be free for you. Please pass this message on, if not your account will be deleted if you do not pay!!”

Ha Ha ha..!! Sounds funny.

This is fake news, no need to worry about it.

This is the status update on the official Facebook page:
A rumor on the internet caught our attention. We have no plans to charge for Facebook. It’s free and always will be.

Note: It has a strong competitor in Google+; they would never go premium.