Spammer Exploiting Facebook Outgoing Link Redirection

How do you identify spam links received on instant messengers? One of the easiest ways is to look at the domain. If your friend is sharing random links with an unknown domain, the fancy ones especially, you should be very wary (pun).

Some phishing sites might also use a domain similar to that of a popular social networking site, faceb0ok.com for example. So does that mean that if the domain is exactly the same as a popular site like facebook.com or youtube.com, you are safe?

Facebook Candy Van

If you had asked me that a day or two ago, I would have said yes. But not after I received the following spam link on Windows Live Messenger:

Windows Live Messenger Spam Link using Facebook domain

Facebook.com, that should be safe. But wait a second, examine the URL more carefully before you let your guard down. The spammer is exploiting Facebook’s outgoing link redirection to gain the user’s trust.

What happens when you visit the link? You’ll be greeted by Facebook’s “Please be careful” message, which probably no one reads or cares about.

Facebook outgoing link warning message

Seeing Facebook’s logo and ignoring the small print Facebook put up to warn users, the victim gets a false sense of security and proceeds with the charming blue “Continue” button.

You will then be redirected to whatever URL follows http://www.facebook.com/l.php?u=. (e.g. http://www.facebook.com/l.php?u=www.sheeptech.com for SheepTech)
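A small link checker, added here as an illustration and not part of the original post, that unwraps the l.php?u= redirect described above and reports the host the victim will actually land on. The REDIRECTORS table (host, path and the query parameter carrying the destination) and the trusted-host set are assumptions for the example, not a list published by Facebook.

```python
from urllib.parse import urlparse, parse_qs

# Known open-redirect endpoints, keyed by (host, path), mapped to the query
# parameter that carries the real destination. Only l.php?u= is taken from the
# post; the table shape is an assumption so other redirectors can be added.
REDIRECTORS = {
    ("www.facebook.com", "/l.php"): "u",
    ("facebook.com", "/l.php"): "u",
}


def effective_destination(url: str) -> tuple[str, bool]:
    """Return (host the user really lands on, whether a redirector was unwrapped).

    A destination given without a scheme (e.g. "www.sheeptech.com", as in the
    post's example) is treated as an http:// URL so its host can be parsed.
    """
    parsed = urlparse(url)
    host = (parsed.hostname or "").lower()
    param = REDIRECTORS.get((host, parsed.path))
    if param is None:
        return host, False          # not a known redirector: host is what it says
    values = parse_qs(parsed.query).get(param)   # parse_qs also %-decodes
    if not values or not values[0]:
        return host, False          # redirector with no target: nothing to unwrap
    target = values[0]
    if "://" not in target:
        target = "http://" + target
    return (urlparse(target).hostname or "").lower(), True


def is_suspicious(url: str, trusted: set[str]) -> bool:
    """True when a trusted-looking URL really lands on an untrusted host."""
    host, redirected = effective_destination(url)
    return redirected and host not in trusted


if __name__ == "__main__":
    trusted = {"facebook.com", "www.facebook.com"}   # constructed sample policy
    for link in ("http://www.facebook.com/l.php?u=www.sheeptech.com",
                 "http://www.facebook.com/profile.php?id=1"):
        print(link, "->", effective_destination(link), "suspicious:", is_suspicious(link, trusted))
```

Because the query string is parsed after percent-decoding, an encoded destination such as u=http%3A%2F%2Fexample.org is unwrapped the same way as a bare one.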

The rest is history.

Do notify your friends and family, especially the not so tech-savvy ones, to beware of this new tactic.

Tags: Facebook, phish, scam, spam, Windows Live Messenger, WLM

Comments

  1. Ishan - January 6, 2011 @ 10:13 pm

    This is a pretty common hack that exists on many PHP powered sites. However, seeing this being done on something as large as FB, this can be a big security problem.


    Vincent replied:

    Exactly. I would normally close such spam message instantly, but this got me to have a second look.

    At least Facebook is showing a warning message instead of redirecting right away. I couldn’t imagine if the latter were to be the real situation.


  2. EURO 2012 HIGHLIGHTS - January 7, 2012 @ 6:40 am

    I simply hate Facebook spammers; that’s the most stupid thing that could have ever been invented.
