"Free $200 Ebay Gift Card" leads to rogue Facebook app
Posted on 14 February 2012.
A message sharing an "event" offering a "Free $200 Ebay Gift Card for first 10,000 Attendants!" has been popping up on Facebook users' walls in the last couple of days.

Predictably, it links to the Facebook page set up for the "event", and on it is a list of things users are required to claim the gift card:
  • Join the page
  • Invite 50 friends to the event
  • Share the event on their wall, and
  • Visit a linked page.
The page offers a bogus app ("WhosStalking?") that promises to tell them who viewed their profile, but the list of permissions it asks tells another story:


Users who have fallen for the scheme and install the app have now given it permission to post messages and other things on their profiles.

According to Bitdefender, the app immediately takes advantage of this - it posts a message "revealing" how many people viewed the users' profile and, of course, invites the users' friends to get the app for themselves.

Needless to say, the number it provides is bogus, and the only thing that the victims succeeded in doing successfully is to propagate the scam far and wide.






Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //