Lightweight Facebook social engineering scam
We've gotten reports (thanks to Steve who first reported it) of Facebook users receiving messages indicating that their photos have been stolen and posted to a different site (blinksnap.com and cheepfry.com). When you go to the sites, they request name, email and a password and then show you a picture of a monkey as a joke. However, if you enter your facebook account info, all your friends are sent the following message:
"Have been uploading your pics on blinksnap-com-go there
Has anyone informed you your photos are on cheepfry-com-go there"
This doesn't have to be a huge threat. It's only an issue if you are silly enough to provide it with meaningful credentials if you reply at all. Please folk, remember to use unique credentials and don't give away your username/password.
UPDATE: Jeff pointed out that many/most of the sites that are connected to this scam seem to be using an IFRAME pointing at rotating-destination.com/taf/taf.html and most of the sites are resolving to a single IP address - 208.78.242.184
Comments
"Are you aware that your pictures are on thumprush-com-check it out"
To see your Wall or to write on Kylie's Wall, follow the link below:
http://www.facebook.com/n/?profile.php&v=feed&id=681043589
Thanks,
The Facebook Team
Hairy
Dec 29th 2008
1 decade ago