January 5, 2011 by Vincent

Spammer Exploiting Facebook Outgoing Link Redirection

How do you identify spam links received on instant messengers? One of the easiest way is to identify the domain. If your friend is sharing random links with unknown domain, the fancy ones especially, you should be very wary (pun).

Some phishing sites might also use domain similar to popular social networking sites, faceb0ok.com for example. So does that mean if the domain is exactly the same as popular sites like facebook.com or youtube.com, you are safe?

If you ask that a day or two before, I would say yes. But not after I received the following spam link on Windows Live Messenger:

Facebook.com, that should be safe. But wait a second, examine the URL more carefully before you let your guards off. The spammer is exploiting Facebook’s outgoing link redirection to gain user’s trust.

What happens when you visit the link? You’ll be greeted by Facebook’s “Please be careful” message, which probably no one reads or care.

Seeing Facebook’s logo and ignoring the little words Facebook put up to warn users, the victim would have a false sense of security and proceed with the charming blue “Continue” button.

You will then be redirected to just any URL that follows behind http://www.facebook.com/l.php?u=. (e.g. http://www.facebook.com/l.php?u=www.sheeptech.com for SheepTech)

The rest were history.

Do notify your friends and family, especially the not so tech-savvy ones, to beware of this new tactic.

#Facebook#phish#scam#spam#Windows Live Messenger#WLM