Remember the beginning of the end for MySpace? It was all those random “cute girls” that were friending you even though you didn’t know them. You would log in and there would be 10 friend requests from fake friends. Well, it appears that scammers are trying to do a similar thing on Facebook, which until now was extremely difficult for scammers to penetrate. This new attack attempts to get users to click on a spyware site.
While there has been spam attacks on Facebook in the past, none of them were done through the automated creation of fake accounts. This new version, that was originally reported by AVG Blogs, is pretty straight forward (and similar to previous MySpace attacks). Users receive a friend request from an attractive girl which has a link displayed to a website.
The user then clicks that link and is prompted to download something to avoid having their computer attacked. Spyware is immediately installed and their computer gets jacked up. It’s a common method used by spammers but this is one of the first times I’ve seen Facebook’s user registration compromised, if that’s really what’s taking place. The important thing to know is that if you get friend requests from people that you don’t know, you may want to think twice about clicking any links in their profiles.
The fact that spammers have bypassed Facebook’s automated account creation protections means they’ve been investing heavily in getting users from the site. While the best ways to protect yourself are obvious to most people, there are still millions of people being duped by spammers on a regular basis.
![[Inside Social Apps 2012]](http://www.allfacebook.com/wordpress/wp-content/themes/allfacebook2/images/ISA2012_336x100_F_RegisterNow.gif)
![[AllFacebook Stats: Facebook Analytics for Your Business]](http://www.allfacebook.com/wordpress/wp-content/themes/allfacebook2/images/stpro_allfacebookstats.gif)
![[How can Facebook change your business?]](http://www.allfacebook.com/wordpress/wp-content/themes/allfacebook2/images/FMB_A_MAY2011_336x100_F.gif)
LOL @ “jacked up”. Tell it like it is, Nick!
Comment by Montoya — October 1, 2009 @ 5:28 pm
Facebook needs to make every effort to not allow spammers to increase their presence on the platform. "Clean" and "user-friendly" have been Facebook's marquee characteristics from day one and even today, never-ending spam threatens to turn Twitter into the next MySpace.
I'm confident Facebook will take every measure to prevent this breach from happening in the future.
Comment by Facebook User — October 1, 2009 @ 7:40 pm
Hi Nick,
We’ve identified the handful of fake accounts that were created and disabled them. The URL contained in the profiles was quickly blacklisted by the major web browsers and blocked from being shared on Facebook. We use an outside captcha company called reCAPTCHA (http://recaptcha.net), which was recently acquired by Google and is a very well-regarded captcha provider. Based on our investigation and the relatively small number of accounts created, we’re almost certain that they were created manually, rather than by a bot. We think this actually validates the captchas we use, as well as the various other automated security systems we’ve implemented, which severely limited the scope of this attack and enabled us to get all evidence of it off the site before people were harmed. If you have any other questions, feel free to contact us at press@facebook.com. Thanks.
Simon Axten
Facebook
Comment by Simon Axten — October 2, 2009 @ 12:33 pm
Trun Off Twitter and all the stuffs of sapplications' not nessecery like: Suck my Lollypop, be my secret lover, I mean? Whats its that? ( sorry 4 my English, Im French, from Montréal, Canada). My point of view, I dont care about the fake Profil. Its the always the "Pub" Its a real Spams.. That *&?*( Off … THATS THINGS " PUB" = FAIL ! THATS ITS FOR ME.
Comment by Geneviève Thi — October 2, 2009 @ 5:06 pm
i have completed 4 offers for roller coaster kingdom on facebook for coaster cash for that application. it has been more than a week sonce i filled out the form on missing rewards. i have not heard from offerpal on this matter. the offers i did were mobile types with pin's sent to my cell. i am being charged for these text messages from these offers that i completed. i would like to get my points for R.C.K since i did complete the offers and i do have the messages saved on my phone for each offer. like i stated above, i filled out the missing points forms and i have been awaiting a responce for over a week now. please get back to me, this is the last time I will contact offerpal through the net.
Comment by dave shoecraft — October 2, 2009 @ 10:49 pm
Yeah that sux, but when you get spyware or any type of bad software on your computer, it best just to reboot your computer in Safe Mode and then do a System Restore.
Its fast, easy, and free to do…
Comment by doitlive1 — February 22, 2011 @ 8:21 pm