Yet another Facebook spoof

  • Article

You know that as a service you are really popular and you’ve truly made it when spammers start abusing your brand and use it to spoof and send out spam.  Below is a screen shot of a spam message that I received in my Yahoo account this past Sunday.  Note that it looks like a completely legitimate other than the lack of a photo for the person who sent me a message:

image

Contrast this to an actual message:

image

You can see that the color scheme is identical, the footer is the same, the formatting is the same and even the time stamps are the same.  The only differences are the actual email address from Facebook is different and the link to Yahoo! is formatted whereas in the spoof it is @yahoo.com.

The link, of course, does not go to a Facebook link at all.  It goes offsite to a domain that was created on January 11, 2010, but updated on July 17, 2010 – one day before I got the spoofed message.  This implies that a spammer registered a whole ton of domains many months ago and has been cycling through them, but keeping them in his back pocket and then updating them in preparation for a spam run.

This particular domain does not resolve anymore and has been taken offline.  In all likelihood, it was a link to a site containing malware (probably a drive-by download) that was designed to infect a computer and flip it into a botnet, and it used social engineering as its modus operandi.  Social networking sites are particularly prone to this type of thing.  While phishing works because you trick the end user into doing something they might not normally do in order to steal financial information, the reality is that there are lots of banking sites and so the target consumer base is small. 

There are only a few social networking sites that matter (Facebook , Twitter, YouTube and a handful of others) and they have many tens of millions of customers, and the only way you can access them is through online modes.  Financial institutions, on the other hand, can be accessed online or by going in person, and many people still choose to do all of their banking in person.  In other words, when it comes to social networks, these can be more lucrative (in the sense of success, not how much money can be gained) simply because the user base is much larger.