I saw a Facebook user have his account hijacked recently, and used to spam a lot of contacts with wall messages pointing his mates to sites (DON'T VISIT THESE SITES) like -
- sobgroan.com
- scrambleweep.com
- whipchime.com
- floatfaint.com
- slideleap.com
- votebeep.com
- singhoot.com
- roargroan.com
- clapspray.com
- wavehum.com
- gigglesail.com
- thumpwish.com
- spoilroll.com
- spoilhike.com
- ridepush.com
- swinghiss.com
Again - don't visit the above sites - they are the same site, which is a scam trying to sign you up to a paid cellphone "info" service - use the links at bottom of post for more info!
I can't find any Google results for these domains - anyone know what the "right" name is for this particular worm?
The site which you get sent to - not a link, the URLs are always posted as "wavehum-com" etc - says,
For your security, please do not use your previous password created on this site or the same password that you use to log into other sites. Doing so may re-trigger our auto-post tell-a-friend feature that you may have previously opted in to from this site.
It's a pretty transparent scam, but still seems to be catching a few unsuspecting folks out.
It's probably not Koobface because it's just phishing login / password combos from people silly enough to hand the details over and then replicating. Well ... I didn't notice any attempt to install a virus, but then maybe I wasn't running a vulnerable enough system to notice that part :)
What the site does try and do is sign you up to a chargeable text service - US$10/month to be spammed. If you fell for this trick, reply to the next chargeable text you get (or to 86455) and say "STOP". From the registration page (jeebers, people, it's written in plain english right there, if you fall for this shit ...)
Summary Terms & Conditions:
This is an auto renewing subscription service on short code 86455 and available to users over 18 for $9.99 per month on AT&T, Verizon Wireless, Sprint and Nextel {3 alerts per week}, Virgin Mobile USA, Cellular One, Cincinnati Bell, Centennial Wireless, Unicel and U.S. Cellular. For $6.99 per month on Boost and Cricket {2 alerts per week}. For help, text HELP to 86455, email 86455@sms-helpdesk.com. or call 1800 235 7105 for automated help or call 1800 416 6129 for a live operator.
More info:
- http://blog.trendmicro.com/facebook-picture-joke-connives-with-email-har...
- http://ask.metafilter.com/107454/FacebookHmmmbook
- http://garwarner.blogspot.com/2008/11/facebook-users-beware.html
Excellent quote from the Metafilter discussion -
My conclusion: This is actually a test intended to weed out those people who have failed the itnernet.
Honest to god, any person who answers a single question honestly has failed life. The site literally could not look scammier.
This is the final page, by the way:
