    The truth about the Facebook Profile Viewer is simple: it doesn’t exist.

    You can check every Facebook page or app available, but you can be 100% sure that each one that says “See who viewed your profile!” or “Who’s stalking you?” is just a ruse to get Facebook users to reveal their passwords or spread spam. How do they do this? Clickjacking is a surefire way. In a typical clickjacking attack, cybercriminals hide malicious content under the guise of legitimate pages and may use malicious JavaScript to load content from third-party sites, all in a few clicks.

    But what happens if cybercriminals turn to different and newer techniques? Having users type in commands on their keyboard would be a real game changer. Here’s how:


    A closer look at a comment within a spammed wall post showcases the start of a different strategy for spammers this time around.


    Once you click the link in the comment box, it redirects again to a Facebook login page with Pinterest.


    Once logged in, the site redirects to another malicious URL that claims to be the “Official Facebook Profile Viewer.” Clicking the ‘Get Started’ button redirects to an image showing keyboard shortcuts, with instructions for users to carry out.


    It then redirects to another page asking users to type in another set of keyboard shortcuts for the supposed security check.

    Finally, the infection chain results in a malicious survey scam, which is typical of many attacks on social networking sites. We have extensively covered this type of scam in the past, including those that leverage Google Glass, Instagram, and even those found on Tumblr. Sadly, users still fall for this. To avoid this threat, remember that threats lurk on social networking sites, and always be cautious when clicking links, even if they come from your contacts. Trend Micro already blocks access to sites related to this threat.

    And let me be clear – a legitimate Facebook Profile Viewer doesn’t exist. For now, anyway.


    • bcalton

      So, when they put up a post that says how many people have viewed their profile and also who has viewed it the most, this is just a fake, randomly picked list? What do you tell the person in order to help them out and get rid of it?


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice