Last week an interesting media release from anti-virus company Bitdefender appeared in the inbox. It describes a tricky little scam that promises to change Facebook page colours but actually grabs a user’s information to set up fake blogs associated with the victim’s email address.
Those fake blogs in turn link to a work-from-home scam of the type that is becoming depressingly common online. No doubt the malware authors have some sort of interest in that scheme.
What makes this malware interesting is how it brings together a range of opportunities for the malware writer – social media, apps, data aggregation, identity spoofing and the Ponzi affiliate schemes that are prevalent as people try to find new ways to supplement their income.
Many people say “I’d never get caught by these scams” but the reality is the scammers are rat-cunning, if not clever. Assuming you’re immune to these because you’re too smart, you use a Mac, or there’s nothing of value on your computer is a risk in itself.
Here’s the media release from Bitdefender.
Google Chrome App grabs identities, forges blogs in victims’ name to promote scam
Bitdefender catches Facebook colour scam with both hands in cookie jar
SYDNEY/AUCKLAND – November 19, 2012 – A Google Chrome app that promises to change the colour of Facebook accounts instead nabs authentication cookies and generates dozens of blogs registered to the victims’ Gmail address, in a new scam analysed by Bitdefender, the leading global antivirus company.
Once the malicious app is installed from Google’s Chrome Web Store, it starts displaying a large Google Ads banner redirecting users to a “work from home scam.” When clicking the sign-up link, users are redirected to a fraudulent website.
“Scammers gave a new twist to the old change-your-Facebook-colour scheme that’s been luring users to fraudulent websites to grab credentials and other sensitive data,” says Chief Security Strategist, Catalin Cosoi. “By creating dozens of blogs for a single account, the scam spreads like wildfire among Facebook friends.”
The blogs generated under the email address of the victims, which are used in further disseminating the scam, have registered a large number of hits among users in the US, the UK, Germany, Spain, Romania, and other countries.
The app can also post wall messages on the victims’ account. The messages use friend tagging to convince the victim’s friends to visit the blog domains. Each time the app posts on a user’s timeline, it links to one of the auto-generated blogs so as to avoid blacklisting.
Bitdefender encourages users to use an antivirus solution and the free application Safego, which protects Facebook and Twitter accounts from scams, spam, malware and private data exposure.