Spam messages are spreading across Facebook claiming to be from users who have calculated the total hours they spent on the social network during 2010.
Would you be tempted to find out how long you had spent on Facebook in the last year? Well, I would be cautious if I were you as you could find yourself assisting scammers who are using rogue applications to make themselves a quick buck.
Typical messages read:
I was logged into facebook for XXXX hours in 2010!
Check yours @ [LINK]
or
I spent a total of XXXX Hrs on Facebook in 2010 WOW. What are your hours like? I found out from [LINK] ...Enjoy!
If you click on the links you will be taken to a third-party application permissions dialog. As with legitimate Facebook applications, this app needs your permission to access information on your profile. Unfortunately this rogue application is not interested in calculating the real number of hours you spent on Facebook, all it cares about is spreading its message virally between users.
Because as soon as you click “Approve” the rogue app takes the opportunity to post a message on your Facebook page, like the ones above, designed to fool your friends into believing you’ve found out how many hours you spent on the website during 2010.
And so the scam spreads virally.
What is the point of the scam? To make money by tricking you into taking a survey.
The webpage you are taken to after approving the rogue application tricks you into believing that you can find out how many hours you were logged into Facebook once you have completed a survey as a “security check”.
In reality, the scammers earn commission for each survey completed. And you’ve just helped them spread the survey onto your friends as well.
If you have been hit by scams like this on Facebook, and are struggling to clean-up your profile, here’s a YouTube video I made which describes what steps you need to take:
[youtube=http://www.youtube.com/watch?v=Or-qR0Y300w&w=500&h=311&rel=0]Make sure that you keep informed about the latest scams spreading fast across Facebook and other internet attacks. Join the Sophos page on Facebook, where over 50,000 people regularly share information on threats and discuss the latest security news.