We recently analyzed a Facebook spam run that supposedly came from the media organization British Broadcasting Corporation (BBC). This reminded us of how cybercriminals abused the social networking site LinkedIn early last month.
The attack starts with a wall post carrying the subject “BREAKING: Lady Gaga Found Dead in Hotel Room,” a link that appears to point to the legitimate site www.bbc.co.uk, and a description that reads, “This is the most awful day in the US history.”
This lures users with a video supposedly hosted on BBC’s site. Clicking the link in the wall post, however, actually redirects users to a malicious site.
This site contains URLs, buttons, and images that replicate the legitimate BBC site. In reality, however, the page consists of a single large image, with the Play button being the only clickable element. Users curious enough to check out the video were prompted to complete a survey before they could play it. While this was happening, their accounts were being set to Like the above-mentioned wall post.
Clicking the “You won!” button leads to ad sites that let the attackers earn money from every user visit.
During our analysis, we also noted that this Facebook spam does not trigger Facebook’s warning message for the site redirection, thus bypassing that protection even when the site’s SSL/HTTPS feature is enabled.
Such Facebook attacks that use news items featuring celebrities, pop icons, and significant world events are something that we have seen before. Just recently, we noted a similar Facebook ruse, which used the recent demise of singer Amy Winehouse and required users to answer a survey and to disclose their mobile phone numbers.
Users are advised to remain wary of such threats and to avoid clicking links to such scams on Facebook. Trend Micro protects product users from this attack via the Smart Protection Network™ by blocking all related URLs.
As cybercriminals persistently look for ways to use Facebook and other social networking sites for their malicious schemes, social media users can protect themselves by checking out our report, “Spam, Scams, and Other Social Media Threats.”
Needless to say, Lady Gaga is still alive.