Facebook users are being duped into unwittingly spreading spam by clicking on what looks like a link to news entitled "First Exposure: iPhone 5."
A version of the scam, exploiting peoples' interest in the next-generation iPhone, went around Facebook earlier this month, and it's back today with minor changes.
The scam starts when you see someone in your social network comment on a link in a post that looks like it leads to a news story about the iPhone 5 at a Web address of "greatlakesnews.info." Clicking on the link takes you to a different Web page, which provides a captcha window where you're asked to verify a word, ostensibly to prove that you are not an automated bot.
Once you click to verify, a message is posted to your Facebook stream notifying all your friends that you commented on the item and providing them with the bogus iPhone 5 link, in a type of attack known as "clickjacking." Then you're asked to choose from a list of items that then lead to a survey which is really marketing, according to this M86 post.
Clickjacking can be a problem on any Web site, but social networks are particularly susceptible because people share so many links. Facebook's advice to not click on strange links even if they are from friends would cut out many of the legitimate links people share on Facebook.
It's good idea to try to avoid getting news from sources that aren't known news sites. But a big red flag is the captcha window--legitimate sites don't typically make you prove you're human to read a news item.
Comments