"Dislike" Button Scam Hits Facebook Users

An anonymous reader writes "A message saying 'I just got the Dislike button, so now I can dislike all of your dumb posts lol!!' is spreading rapidly on Facebook, tempting unsuspecting users into believing that they will be able to "dislike" posts as well as "like" them. However, security researchers say that it is just the latest 'survey scam', tricking Facebook users into into giving a rogue Facebook application permission to access their profile, and posting spam messages from their account. The rogue application requires victims to complete an online survey (which makes money for the scammers) before ultimately redirecting to a Firefox browser add-on for a Facebook dislike button developed by FaceMod. "As far as we can tell, FaceMod aren't connected with the scam — their browser add-on is simply being used as bait," says Sophos security blogger Graham Cluley."

News?

[SimonTheSoundMan]

Been going on for months.

Re:Dislike

[TheRaven64]

There's a Safari addon called 'defacer' which removes all Facebook buttons and links from every page that you visit (I've not tried it, I just noticed it the other day). Presumably there are similar things for other browsers...

Loathing for facebook.

[Securityemo]

I can't really understand the loathing most people here display for facebook. Or rather, I do, but it seems like people loathe the basic idea of a "IRL overlay" social web? As long as you know enough people who use it, it's great for coordinating IRL activities like parties, birthdays, the nicer kind of activism, etc...

Re:Dislike

[Anonymous Coward]

No, it's a Science Facility with Covert Ops, and a Nuclear Silo attached to your Command Center. ...whaddya mean, "There's a second one."?

Re:It's not a Facebook problem

[natehoy]

The scam hits everyone who uses Facebook, regardless of your browser, if you fall for it.

At the END of falling for the scam, after you've coughed up your survey answers and subscribed to the application, you would then be directed to a Firefox plugin (which was not developed by the people who are perpetrating the scam), at which point you could only install the plugin if you have Firefox.

By then, the scam authors couldn't give a shit whether you can use the plugin. It's not theirs, it's just something they found and used to give their scan a razor-thin veneer of respectability. I won't argue about the utility of the plug-in, because it has nothing to do with the scam.

Easiest way to black facebook

[nephridium]

..or you could simply add "127.0.0.1 facebook.com" to your hosts [wikipedia.org] file - one little tweak, works on every OS, on every browser. The cleanest way for all those who just don't care much for it.

(Btw if you're using localhost as a webserver it's probably better to use 0.0.0.0 for all you annoyance blocking needs instead)

Re:Dislike

[clone53421]

I just have the following AdBlock Plus rules...

facebook.com$third-party,~domain=fbcdn.net
fbcdn.net$third-party,~domain=facebook.com