"Free $200 Ebay Gift Card" leads to rogue Facebook app
Posted on 14 February 2012.
A message sharing an "event" offering a "Free $200 Ebay Gift Card for first 10,000 Attendants!" has been popping up on Facebook users' walls in the last couple of days.

Predictably, it links to the Facebook page set up for the "event", and on it is a list of things users are required to claim the gift card:
  • Join the page
  • Invite 50 friends to the event
  • Share the event on their wall, and
  • Visit a linked page.
The page offers a bogus app ("WhosStalking?") that promises to tell them who viewed their profile, but the list of permissions it asks tells another story:

Users who have fallen for the scheme and install the app have now given it permission to post messages and other things on their profiles.

According to Bitdefender, the app immediately takes advantage of this - it posts a message "revealing" how many people viewed the users' profile and, of course, invites the users' friends to get the app for themselves.

Needless to say, the number it provides is bogus, and the only thing that the victims succeeded in doing successfully is to propagate the scam far and wide.


Pen-testing drone searches for unsecured devices

You're sitting in an office, and you send a print job to the main office printer. You see or hear a drone flying outside your window. Next thing you know, the printer buzzes to life and, after spitting out your print job, it continues to work and presents you with more filled pages than you expected.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Oct 9th