We’re seeing a lot of reports of dubious Facebook pages using JavaScript to try and spam anybody who happens to be on your friends list. Here’s a typical example:
Should the end-user hit the “Click here” button, rather nifty prompts appear that encourage them to do something a little bit silly:
If you’re somebody that knows their way around the keyboard, you’ll immediately recognise the above as “Copy”. But what are you copying? And what do they want you to do with it?
For anyone that isn’t aware, ALT + D will put the focus back onto the URL bar in the browser. Let’s see, you’ve copied something, switched back to the URL bar – I wonder if they want you to paste something into the browser?
Yes, it looks like they do. The end-user will paste the following JavaScript code into the address bar. This isn’t a good thing:
Once the end-user hits the enter key, two things will happen.
A “suggest this to your friends” box will automatically flash up on the screen for a second or two:
It then vanishes, replaced by a CAPTCHA prompt.
The end-user will probably fill this in, and once this happens the spamlink will appear on the news feed of anybody who happens to be their friend:
From there, the links “go viral” as people are endlessly suckered into visiting the pages, pasting the JavaScript into the browser and making money for the creator.
How are they making money, you ask?
A website will appear inside the Facebook page, covered with a CPA lead box that wants you to fill in a survey or take part in a competition to see the content (and by “content”, I mean “random site or spamblog that isn’t worth wasting six seconds of your life looking at”).
Of course, people not familiar with these kinds of scams will happily sign their life away to expensive ringtones, fake iPod offers and mail order doodahs (technical term). If you want an idea of how many people are firing these links around at present, here’s a random sample from just four of these pages (there are a lot more of them out there):
We can’t show a screenshot for the next group as it’s a bit naughty, but here’s the total of “likes” anyway:
Same again for this one:
Let’s finish off with a page that’s currently sitting on 21,347 “Likes”:
Is that a frankly terrifying number of people entering random code into their browser without knowing what it is, then hitting the okay button?
Unfortunately: yes.
We’ve notified Facebook, and hopefully some of these pages will be dismantled over the coming days.
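The paste step described in this post only works because the address bar runs a `javascript:` URL in the context of the open Facebook page. The following is an added example, not code from the original post: a check that a paste filter or browser extension could apply before text reaches the address bar, with the function names and sample strings constructed here for illustration.

```javascript
// Added example: classify text before it is placed in a browser address bar.
// Function names and sample strings are constructed for illustration.

// URL parsers ignore leading C0 control characters and spaces, and drop
// tab / CR / LF anywhere in the input, so "java\tscript:" still parses as
// "javascript:". Apply the same normalisation before checking the scheme.
function normalise(text) {
  return text
    .replace(/^[\u0000-\u0020]+/, "")
    .replace(/[\t\r\n]/g, "");
}

const SCRIPT_SCHEME = /^javascript:/i;

// Returns { scripted, safeText }. When the text is a javascript: URL,
// safeText has every leading "javascript:" removed, so pasting it would be
// treated as plain text instead of code run in the current page.
function checkPaste(text) {
  let rest = normalise(text);
  let scripted = false;
  // Strip repeatedly: "javascript:javascript:..." must not survive one pass.
  while (SCRIPT_SCHEME.test(rest)) {
    scripted = true;
    rest = normalise(rest.replace(SCRIPT_SCHEME, ""));
  }
  return { scripted, safeText: rest };
}

// Constructed samples: harmless payloads standing in for the pasted code.
const samples = [
  "javascript:void(0)",
  "  JavaScript:void(0)",
  "java\tscript:void(0)",
  "javascript: javascript:void(0)",
  "https://www.facebook.com/",
  "how do I use javascript: links",
];

for (const s of samples) {
  const r = checkPaste(s);
  console.log(JSON.stringify(s), "->", r.scripted ? "BLOCK" : "allow");
}
```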
Christopher Boyd