Remember the beginning of the end for MySpace? It was all those random “cute girls” that were friending you even though you didn’t know them. You would log in and there would be 10 friend requests from fake friends. Well, it appears that scammers are trying to do a similar thing on Facebook, which until now was extremely difficult for scammers to penetrate. This new attack attempts to get users to click on a spyware site.
While there has been spam attacks on Facebook in the past, none of them were done through the automated creation of fake accounts. This new version, that was originally reported by AVG Blogs, is pretty straight forward (and similar to previous MySpace attacks). Users receive a friend request from an attractive girl which has a link displayed to a website.
The user then clicks that link and is prompted to download something to avoid having their computer attacked. Spyware is immediately installed and their computer gets jacked up. It’s a common method used by spammers but this is one of the first times I’ve seen Facebook’s user registration compromised, if that’s really what’s taking place. The important thing to know is that if you get friend requests from people that you don’t know, you may want to think twice about clicking any links in their profiles.
The fact that spammers have bypassed Facebook’s automated account creation protections means they’ve been investing heavily in getting users from the site. While the best ways to protect yourself are obvious to most people, there are still millions of people being duped by spammers on a regular basis.