It seems to be a never-ending battle in Facebook world. It’s a cybercriminal’s dream pond. Applications, games, photos, cute stuff…all these great, fun, seemingly innocent things to click, and then BAM! You’ve found yourself posting spam stuff ALL over your friends’ walls, and you had no idea this was happening.
Word to the wise: Do not click anything that comes from a friend if it seems too good to be true. There is no free iPad and no free Southwest Airline ticket. (I actually got one of those posted last night on my Facebook wall, and since I fly Southwest, I emailed the person immediately that sent it to me and asked her if she posted it. “Absolutely not,” she said.
Hacker Journals just posted an article on the iPad giveaway.
F-Secure researchers decided to click through what they were presented and ended up entering login credentials to a dummy account of theirs to see if it would get compromised. Immediately after having entered them and having pressed the “Login” button, a notice offering free laptops and iPads pops up.
A click on any of the “Claim Now” buttons takes the victim to a page offering a free Smiley toolbar – but no free iPad:
“No Spyware,” it says. “We take pride in our products!”. But if the user falls for the claim and downloads the offered .exe file, spyware is exactly what he will get.
In other words, it’s a phishing scam combined with malware distribution.