Latest Facebook Scam: Phishing for Memories

Phishing scams are nothing new on social networking sites – Facebook has been especially prone to ongoing series of attacks, including recent scams promising free tickets on Southwest Airlines and free iPad giveaways. However, hackers have recently launched a more subtle and insidious campaign of attacks that capitalize on the social engineering (and inherent trust) that powers all interactions on Facebook, and the sentimentality of Facebook users.

Rather than baiting users with obvious, “too good to be true” deals, this new generation of phishing scams centers around so-called “1st status” scams, which invite users to install a Facebook app that will publish a given user’s very first Facebook status update. This new type of phishing scam is particularly artful (and damaging), especially in light of legitimate Facebook apps such as FriendStatistics and year-end roundup apps that reveal similar information, such as a user’s most popular friends and frequently-mentioned words.

The proliferation of third-party apps on Facebook and the prevalence of shortened URL enables hackers to easily mask the source of these malicious apps. The appeal of these “1st status” apps is obvious and immediate to many Facebook users, and facilitates the rapid spread of the rogue app across their entire social network through automatic status updates that blast to a user’s entire friend list. As Facebook works to address this latest threat, internet security specialists caution users to follow common sense: be wary of apps that request access to your personal information, and avoid shortened URLs.

For instructions on how to remove an installed third-party application from Facebook, click here.

Image courtesy of David Boyle.


Facebook ’1st Status’ Scam Spreads Rapidly [link]

This entry was posted in Malware Alerts and tagged , , , . Bookmark the permalink.

2 Responses to Latest Facebook Scam: Phishing for Memories

  1. Daniel says:

    The only way to deal with it is to remove the function that allows people to create apps. Or is that overkill?

  2. Karen Sue Loader says:

    Thanks Dave for the heads up–the informatin is very appreciated and I enjoyed reading it.

    How do we know if we have any third party apps on FAcebook? Is the FAmily Tree a dangerous App? Thank you for your prompt reply. My computer caught the RogueWin32/FakeSpypro trojan and all of my systems, sound and Internet through Firefox is gone are gone, including Firewall and Windows Defender.

    I’m caring for my Mother so I can’t work Do you know of a trusted free Firewall that I can get and a free malware detector? Also any suggestion that you can procide how I got this Trojan and how I can repair the what seems to be permanent damage to my entire system would be doubly appreciated.
    Thank you. I was lucky to have Microsoft Security Essentials, which was the only one that detected and cleared this Trojan. PC Tools failed to detect it, as did AVG and even SpyDoctor failed to detect this “deadly” Trojan. I don’t know where it came from and I pray that I never fall prey to one again. What is the motivation for these pranksters anyway?


Leave a Reply

Your email address will not be published. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>