FB Spam Claims To Prevent Spam, Leads To Spam


7 Apr 2011
Scratch in yet another instance of malicious script masquerading as Facebook spam. This time, the scam targets the tin-foil-wearing ones, eager to protect their account against the usual malware scourge. It involves a Facebook post, apparently from a friend, informing the victim that it is possible to verify the security of her account. Clicking the included link to the verification site is supposed to help the user avoid Facebook spam. However, in a cruel twist of irony, it leads to exactly the opposite.

The link redirects to a website containing a script identified as JS_DOOLF.SPM. The user is then informed that the verification has failed and therefore her account will be deleted. The only way to prevent that from happening, according to the scam, is to follow some steps. Doing so lets the script harvest the user's Friends list. The cycle continues with the victim's contacts receiving the same post. Lather, rinse, repeat.

The malicious post may disguise itself as a genuine one from a friend, but the best way to tell a fake is to trust your instincts. Better yet, it helps to keep your friend list free of the dim ones who are likely to fall prey to such scams. Then again, that counts as wishful thinking, because we all know one.

Fortunately, Trend Micro's Amit Nath offers a more sensible solution: "Never click links in messages received unexpectedly and never ever log in to a site as a result of a link in a message. If you do follow a link that instructs you to log in afterwards, close the page, then open a new page and visit the site using a previously bookmarked or known good link. Use a unique strong password for each account. If you have multiple social networking accounts, use a unique password for each."
