New fraud threatens Facebook users
Dear Habravchane, we inform those of you who are registered on Facebook about the appearance of a new (and for Russians - old) fraud scheme there. Of course, you are smart, reasonable, but many foreign users can get caught. The attackers adopted the model, the infamous participants of the Russian social networks "V Kontakte" and "Classmates", and created for Facebook a special application Profile Visitor, which requests the user access to his wall, promising to show a list of those who visited his page. In fact, a picture is posted on the user's wall with a link to a fraudulent website. In turn, friends of the victim in Facebook receive notifications that they were allegedly marked on this picture, which expands the area of ​​distribution of the malicious link.
Looking at his page on the social networking site Facebook, a user can find in the news feed a link to the Profile Visitor program, which is supposedly able to record and display on a special page of visitors to his profile. The link is usually published on behalf of one of the user's friends and leads to the page of the built-in Facebook application, for activation of which you want to allow the program to publish content on behalf of the user account. As soon as the unsuspecting victim clicks on the “Allow” button, a link to this application will be displayed on the wall of her profile and in the news feed of all her friends. However, even if the user does not allow Profile Visitor to publish any publications on his behalf, everyone registered on his friends list will be automatically marked on the “photo”, which is the advertising banner link of the Profile Visitor application. A notification about this will be automatically distributed to your list of contacts on Facebook.
')
After that, a web page created by hackers containing a dynamically changing array of links will automatically open in the victim's browser. By clicking on any of them, the user will be redirected to various fraudulent sites, the content of which depends on the IP address of the visitor of the page. For example, some of them require that their bank card details be entered to access information, others suggest the user enter their own mobile phone number in a special form and dial the code received in the reply SMS in the appropriate field. This method is practiced mainly in relation to Russian-speaking visitors: in this way, fraudsters sign up for some kind of paid “information service”, for the provision of which a certain amount will be deducted from their account every month.
Pseudo lotteries with various prizes, online casinos, psychological tests, services for the selection of individual diets, etc. were seen among the fraudulent resources shown by clicking on links. All these sites are automatically blocked by Dr.Web SpIDer Gate filter embedded in Dr.Web products. .
Previously, such fraudulent schemes were repeatedly applied to users of the Russian social networks V Kontakte and Odnoklassniki, but now the network swindlers seem to have decided to pay attention to residents of foreign countries. Doctor Web recommends that Facebook users not to install Profile Visitor and not to click on the links with this application, published in its news feed, as well as to be careful and careful.
Looking at his page on the social networking site Facebook, a user can find in the news feed a link to the Profile Visitor program, which is supposedly able to record and display on a special page of visitors to his profile. The link is usually published on behalf of one of the user's friends and leads to the page of the built-in Facebook application, for activation of which you want to allow the program to publish content on behalf of the user account. As soon as the unsuspecting victim clicks on the “Allow” button, a link to this application will be displayed on the wall of her profile and in the news feed of all her friends. However, even if the user does not allow Profile Visitor to publish any publications on his behalf, everyone registered on his friends list will be automatically marked on the “photo”, which is the advertising banner link of the Profile Visitor application. A notification about this will be automatically distributed to your list of contacts on Facebook.
')
After that, a web page created by hackers containing a dynamically changing array of links will automatically open in the victim's browser. By clicking on any of them, the user will be redirected to various fraudulent sites, the content of which depends on the IP address of the visitor of the page. For example, some of them require that their bank card details be entered to access information, others suggest the user enter their own mobile phone number in a special form and dial the code received in the reply SMS in the appropriate field. This method is practiced mainly in relation to Russian-speaking visitors: in this way, fraudsters sign up for some kind of paid “information service”, for the provision of which a certain amount will be deducted from their account every month.
Pseudo lotteries with various prizes, online casinos, psychological tests, services for the selection of individual diets, etc. were seen among the fraudulent resources shown by clicking on links. All these sites are automatically blocked by Dr.Web SpIDer Gate filter embedded in Dr.Web products. .
Previously, such fraudulent schemes were repeatedly applied to users of the Russian social networks V Kontakte and Odnoklassniki, but now the network swindlers seem to have decided to pay attention to residents of foreign countries. Doctor Web recommends that Facebook users not to install Profile Visitor and not to click on the links with this application, published in its news feed, as well as to be careful and careful.
Source: https://habr.com/ru/post/143361/
All Articles