Facebook shuts down malicious fake profiles

Facebook on Thursday fended off an attack in which multiple identical profiles were created to spread malware.

Antivirus provider AVG Technologies said users of its LinkScanner service detected numerous profiles that were identical except with different names and each included a link to what was represented as a home video but which instead displayed a fake antivirus alert when clicked. The scams are designed to trick people into paying for software they don't need, to get credit card information from victims for identity fraud purposes, and often to install spyware on the computer.

"Clearly, the Data Snatchers have found a way to automate the creation of Facebook accounts, which means they've found a way to bypass the Facebook Captcha," Roger Thompson, chief of research at AVG, wrote in a blog post. Successfully translating a Captcha, a hard-to-read image of letters supposed to ensure that a human is involved, is required for a new account .

The malicious link was blacklisted by the major Web browsers and Facebook was blocking the URL from being shared on its site, said Facebook spokesman Simon Axten. Meanwhile, the company was working to identify all the fake accounts and disable them, he added.

Axten disagreed with the AVG speculation that the Captcha system had been broken.

"We're looking into how these accounts were created, but it's very likely that the sign-up process was manual, or that the person behind the attack farmed out the Captchas to be solved by humans for a price," Axten wrote in an e-mail.

For its Captcha system Facebook uses ReCaptcha, "which was recently acquired by Google and is about as well-regarded a Captcha provider as there is," he said.

When the link in the fake Facebook profiles is clicked a fake alert pops up that tries to convince the user that the computer is infected.

(Credit: AVG)

[n3td3v]

Facebook ask you to confirm your mobile phone number to verify who you are when creating a user name, I guess it doesn't do much good.

[basraw]

hmm, thats something i never had to do?..

[n3td3v]

Here, https://register.facebook.com/confirmphone.php?username

[changedx]

It asks you to confirm with a mobile phone number to get an added level of security, but you don't have to. If you don't enter your cell phone number, then you have to solve a CAPTCHA each time you add a friend.

[hmdz105]

Social engineering!

[Samesmusic]

Does anyone know anything about the validity of cyberdefender? It is supposed to be an ant-virus program you can download from the internet (29.95) When it didn't work, I called the company, who promptly accessed my machine without permission.

This is great! I personally agree.

[devastatingnews]

Try Internet Security from AVG

[cloudmatt]

I hear good things about panda cloud http://www.cloudantivirus.com/ and symantec av always seems to treat me right.

[GraffixDesigner]

I once had a profile on facebook (under another name and email address, so don't look) and closed it about two years ago out of concerns for my privacy. I never posted anything or showed any pictures or personal information, so I didn't think much of it at the time...

Except that facebook never forgot me. About a year ago I still got emails from facebook 'friends' trying to contact me through the site. Annoying, surely, since I had to reactivate the account to tell these friends I was no longer ON facebook anymore. Then I re-deactivated the account, but not before noticing that ALL the personal info that was on the site when I left -as little as there was- had remained.

That was a year ago, and I haven't gotten word from my facebook friends since... but I did get emails from unknown bots trying to get a response off my closed account. I never responded to those, and I am glad I blacklisted all emails from facebook once I started getting them.

Hopefully closing those fake accounts will help restore facebook's security some. As for me, I will never use social networking sites to contact friends under any circumstance.

[Some_More_Deepthought]

My wife has just recently created a Facebook account. I think the mobile confirmation security feature is not available everywhere. We live in Australia and I don't believe it is an option here.

A little off topic. That screenshot look exactly the same as one I saw yesterday. Only I was doing a general search on google for car parts at the time. The first link in my search results looked for all intents and purposes to be a legitimate link. It included key words from my search criteria and the same URL was displayed in my status bar when I 'moused' over the link. However when I clicked on it I noticed that I was immediately redirected to "http://computer-scanner21.com/scan1...". I was greeted with a pop up warning me that my computer needed scanning... I closed it using Alt F4 and was then presented with the page you see in screenshot in this article. Clearly trying to look like windows explorer and complete with fake progress bar and various files on my computer apparently being scanned at high speed. During the 15 odd seconds of my 'Scam' I mean 'Scan' various infections were of course found and displayed, at the end of which I was greeted with another pop up urging me to down load 'Total Security' to save me from my dire fate. Well I after taking a few screen shots I closed the pop up and the browser. Upon closing the browser the persistent little bugger presented me with yet another pop up warning me yet again of my impending doom, and reminding me to download 'Total Security".

I have reported this to the ACCC as a scam, As well as to Google. When I mentioned this to my son he was not surprised, saying "Yeah got one of those the other day, Was it the first link in the search?" In cases like these, I think it really pays to be familiar with the programs your using. If something new happens or doesn't look right then take the time to consider what is happening before clicking.

[kzeesdesign]

This might be off topic but I find this article interesting. Since Oct 3 at aprox 9:45pm Eastern Time I have not been able to login to my face book account. I receive a message that my account is temporarily unavailable due to site maintenance. Going on three days now. Despite several attempts to contact them in regards to this, using their help pages, I have not heard a word from them. What I am curious abbot is if maybe now after reading this that I might be under investigation. I have several accounts My wife and I have one together, I have one for myself and she has one for herself they are all created with different email address but I a wondering if the similarity has got us under suspicion. Also after much research lately I am apparently not the only one that this is happening too. There are several blogs out there with upset people who are experiencing the same problem and they all started around the same time of the 3ed. And all say they have heard nothing back from face book. Boy if any of you have any idea how I could contact them and get this resolved I would for ever be grateful as under my account I have several business contacts that I would no longer be able to find again if we are to in fact loose our account. Thanks in advance

[karentia]

I had to have my entire 4 1/2 year profile at work deleted due to the virus. It was terrible, you could not get rid of it, you could not make it go away by cancelling or closing the window, it popped right back continually. The difficult thing is that you could just have scrolled your mouse over an ad and that would attatch to your profile. Scary.