by Dave Michmerhuizen – Security Researcher
How it works
and pressing the Enter key.
The resulting message box displays the cookie (if any) that is associated with the currently loaded web page.
If a friend clicks through, they see the attack page, hosted on Facebook
and if that friend follows the directions, not only do they spam their friends, but they proceed on to a survey page, in this case disguised as a “security check”.
Following one of these all the way through lands you on the payoff screen.
The “security check” says it wants to send the results to your cell phone. Your cell phone number is really being requested in order to sign you up for a premium SMS service, as shown in the small type at the bottom of the page. This is how many Facebook survey scam pages make their money and why they are so prevalent.
Barracuda Networks recommends you exercise special care when visiting links posted in your friends’ news feeds. Barracuda Web Filters and the Barracuda Web Filtering Service block access to these sites.