Oct 5, 2012

Facebook scam Author Revealed - #Scam

Greetings. After a long gap (changes), I'm here again. Thanks for all your support. Let us continue our topic.

Facebook scams are so popular nowadays. Lots of techniques and lots of ideas get implemented, but each one eventually ends and starts again in a new form. So let us discuss the details of the latest Facebook scam, which prevailed over the last 24 hours, and whose author (a script kiddie) is finally revealed. Interesting?

You may be aware of this one, which spread massively over the last day, about a "warning Facebook security" (who is this guy, who cares more?). See the pic.

Well, continue with me and we'll have a nice journey. After clicking on the link from Facebook, it redirects to hxxp://facebook.com.cfbi.info, and after that you'll receive this weird page (so caring). The real deal is that he ("he"? yes, we finally revealed him) redirects this site with the help of a free redirecting service, and it redirects to

Then come all the routines written by that script kiddie. First he checks your geolocation by calling an external script.

After getting the geolocation, he proceeds to this routine, which selects the page to be displayed.

After landing on the webpage we saw above in the first pic, you are prompted to enter the code. After you click the green "click code" button, it redirects again through a shortened URL (obfuscation) and ends at the scam author's Facebook application page to get the token, followed by the URL

hxxp://www.facebook.com/?facebookverification(click+here+and+copy+the+entire+URL+and+paste+in+step2)#access_token=(Your Token here)

As per the instructions, you'll get the URL to be copied into his website. After we copy in our personal code, it gets checked by routines he wrote, validated, and finally it spreads from your account as spam. Some of the code snippets are

And finally it spreads successfully. Here are the detailed statistics about the spread in the last 24 hours.

Here are the spread hotspots all over the world.

And finally the author is revealed. He is from India. Have a glance at the detailed specifications.

So be careful about what you are clicking. It's a kind of click-jacking technique that he used. Be alert, and don't fall prey to attractive links.
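The two URLs in this chain can be recognised mechanically: the first puts facebook.com in front of a different registered domain (cfbi.info), and the second carries an access token in the fragment of a genuine facebook.com URL together with instructions to copy it. The following is an added example, not the scam author's code or anything from the original post; the function names and finding labels are hypothetical, and the token value is a constructed placeholder.

```python
from urllib.parse import urlsplit, parse_qs

TRUSTED_DOMAIN = "facebook.com"  # the brand this scam imitates

# Defanged URLs quoted in the post; the token value is a constructed placeholder.
SAMPLES = [
    "hxxp://facebook.com.cfbi.info",
    "hxxp://www.facebook.com/?facebookverification(click+here+and+copy+the"
    "+entire+URL+and+paste+in+step2)#access_token=CONSTRUCTED_PLACEHOLDER",
    "https://www.facebook.com/",
]


def refang(url):
    """Turn a defanged hxxp:// or hxxps:// indicator into a parseable URL."""
    return "http" + url[4:] if url.lower().startswith("hxxp") else url


def analyze_url(url):
    """Return the findings for one URL (an empty list means nothing flagged)."""
    parts = urlsplit(refang(url.strip()))
    host = (parts.hostname or "").lower().rstrip(".")
    findings = []

    on_brand = host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN)
    # The brand name is in the host, but the host is not under the brand domain.
    if TRUSTED_DOMAIN in host and not on_brand:
        findings.append("lookalike-host")

    # The token is delivered after the '#', exactly as in the URL quoted above.
    fragment = parse_qs(parts.fragment, keep_blank_values=True)
    if "access_token" in fragment:
        findings.append("token-in-fragment")
        # Genuine host plus "copy the entire URL" wording is the lure itself.
        if on_brand and "copy" in parts.query.lower():
            findings.append("copy-paste-token-lure")
    return findings


if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample[:60], "->", analyze_url(sample) or "nothing flagged")
```
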

Precaution/aftermath method:

  • Don't fall prey to attractive links; think twice before clicking
  • Changing the passwords is always a better method
  • Be safe with the privacy settings implemented in your account
  • Sometimes it might be a porn attack, which might damage your reputation, so think twice before clicking
  • Never fall prey to social engineering attacks; go with what you have

Thanks for your precious time with this article. If you like this one, please share and comment.

Reegun Richard J
(Malware Researcher)