"Dislike" Button Scam Hits Facebook Users 179
An anonymous reader writes "A message saying 'I just got the Dislike button, so now I can dislike all of your dumb posts lol!!'
is spreading rapidly on Facebook, tempting unsuspecting users into believing that they will be able to "dislike" posts as well as "like" them.
However, security researchers say that it is just the latest 'survey scam', tricking Facebook users into into giving a rogue Facebook application permission to access their profile, and posting spam messages from their account.
The rogue application requires victims to complete an online survey (which makes money for the scammers) before ultimately redirecting to a Firefox browser add-on for a Facebook dislike button developed by FaceMod.
"As far as we can tell, FaceMod aren't connected with the scam — their browser add-on is simply being used as bait," says Sophos security blogger Graham Cluley."
Mod the post (Score:5, Funny)
Re:Mod the post (Score:5, Insightful)
Why should I care about the scuttlebutt of the internet.
Don't know about you, but a lot of my friends use it, and guess who gets to clean up the mess every time they fall for something like this.
Re:Mod the post (Score:5, Insightful)
I don't know... are they responsible for themselves?
Oh, that's right, they never have to learn because you'll be there to fix the problem every time.
Re:Mod the post (Score:5, Insightful)
It takes a village to raise an idiot...
!news (Score:5, Insightful)
You have many amateur users who don't understand the first thing about security, and you have millions of them. Millions! Make something that looks slightly "official," and you've got it made. (Remember the old antivirus popups on websites?)
We basically have a conglomerated database of targets for any exploit in a system that changes its layouts and features so frequently that no one can ever recognize that something looks a little off...
Re: (Score:3, Insightful)
(Remember the old antivirus popups on websites?)
Old? Those started becoming popular what? 2-3 years ago? And they are STILL popular, and STILL very nasty.
Re: (Score:2)
You have many amateur users who don't understand the first thing about security, and you have millions of them.
It is worse then that. Facebook itself actively encourages irresponsible high risk behaviors such has handing out your email password to a third party, thus making the already clueless users even more clueless.
Re: (Score:3, Funny)
... but it only takes a B-52 to raze a village.
Re:Mod the post (Score:4, Funny)
Love Shack, baby!
Re: (Score:2, Troll)
It takes a village to raise a child, it only takes a child with matches to raze a village.
Re: (Score:2)
Re: (Score:2)
Comment removed (Score:4, Insightful)
Re: (Score:2)
Re: (Score:2, Insightful)
Yes, please. Swiss. Just the holes (they taste better), if you don't mind, and even if you do. Thanks for asking.
Re:Mod the post (Score:4, Insightful)
A bot-net gets bigger.
A granny can't use her machine.
Evil porn is served up from Teh Gran Machine.
The state kick down Gran's door and take her away.
Gran gets 30 years in jail. She's 96.
I missed out profit & base ownership claims. It is all bad for Gran.
Re: (Score:2)
Gran gets 30 years in jail. She's 96.
I missed out profit ...It is all bad for Gran.
I don' t know - sounds like free nursing home care to me. I'll have to remember this strategy for later.
Re: (Score:2)
...so this is Social Security?
Re: (Score:2)
You're obviously not a sailor. The scuttlebutt is a good place to hang out, hear the gossip, swap lies, learn irrelevant stuff, and get a drink, while avoiding work.
Oh - wait - maybe you have it right after all?
Re: (Score:2)
yes that was exactly my use of the word. You just can't quench your thirst there.
Re: (Score:2)
Why should I care about the scuttlebutt of the internet.
Says the guy commenting on a Slashdot article.
News? (Score:4, Informative)
Been going on for months.
Re: (Score:2)
How about years? It's still September...
Everybody Panic! (Score:2, Funny)
OH Noes!
(obligatory anim GIF) http://i108.photobucket.com/albums/n13/greatcapp/oh-noes-everybody-panic.gif [photobucket.com]
I never listen to those "check out this new feature" ads.
Invariably you have to hop through hoops. It's never free.
Facebook is a Ponzi scheme (Score:1, Interesting)
1. Set up really popular new big thing!
2. Have 500 million morons congregate.
3. They do ??? which is important because ???
4. Sell ads for products they probably don't purchase because they're just goofing off on the internet because they're too broke to go do something fun instead.
5. ???
6. Profit!
Re: (Score:1, Interesting)
While your little list doesn't really make any sense, I do agree that Facebook doesn't currently have a sustainable business model. However, how does any of that equate to a Ponzi Scheme? Or do you have absolutely no idea what that means, and just thought it sounded good?
Re: (Score:1, Redundant)
They could easily sustain themselves with targeted advertising. Assuming, of course, they do it right.
Re:Facebook is a Ponzi scheme (Score:5, Funny)
Uhuh. The you don't know what a Ponzi scheme is, and it's the *facebook* users that are the morons... riiiight.
Dislike (Score:4, Funny)
Can I just have a 'Dislike' button for all of Facebook, please?
Actually, I think I'll take a 'Tactical Nuclear Strike' button instead, now that I think of it.
Re:Dislike (Score:5, Informative)
Easiest way to black facebook (Score:4, Informative)
(Btw if you're using localhost as a webserver it's probably better to use 0.0.0.0 for all you annoyance blocking needs instead)
Re: (Score:3, Insightful)
Re: (Score:2)
I always see that claim that a hosts file works on every OS and every browser. People always seem to forget that if you are using a proxy server (for example at work), the hosts file is ignored. The proxy server controls what the address is. So the hosts file thing works perfectly (and I use it) at home where I don't have to go through a proxy. But it is useless at work (and yes, there are things I would like to block there too - and random facebook and twitter buttons on pages are indeed some of them).
Use NoScript and block Facebook/Twitter.
Re: (Score:2)
Re: (Score:2)
Great idea - "I don't like this, let's BAN IT" -- somehow I think there's a failure in logic here.
Re: (Score:2, Interesting)
Re: (Score:2)
..or you could simply add "127.0.0.1 facebook.com" to your hosts [wikipedia.org] file - one little tweak, works on every OS, on every browser. The cleanest way for all those who just don't care much for it. (Btw if you're using localhost as a webserver it's probably better to use 0.0.0.0 for all you annoyance blocking needs instead)
There's some user her that rabidly points out that 0.0.0.0 will always outperform 127.0.0.1 even if you don't have a local web server as it's always not routable, and 2 characters shorter to parse.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Here’s an even neater trick: Collapse blocked elements.
Oh wait, that’s AdBlock Plus.
Re: (Score:2)
Re: (Score:3, Informative)
I just have the following AdBlock Plus rules...
facebook.com$third-party,~domain=fbcdn.net
fbcdn.net$third-party,~domain=facebook.com
Re: (Score:2)
Thanks for the correction. I had created the filters on my home computer and then tried to re-write them from memory...
Re: (Score:1)
It will lead you to another bit of malware. Best not click on anything.
Ever. At all. Never again. version 2.3.this.time.'it's'.personal
Re:Dislike (Score:5, Funny)
Unable to comply. Ghost Academy required.
Re: (Score:3, Informative)
No, it's a Science Facility with Covert Ops, and a Nuclear Silo attached to your Command Center. ...whaddya mean, "There's a second one."?
Re: (Score:2)
I believe the hotkey is "N"
And? (Score:5, Insightful)
This is not new news, really. There is always some scam going around that takes advantage of the inability of most users to distinguish untrusted content from trusted content, not to mention the people who click Yes to every pop-up without understanding what they've just done.
Facebook is a gold mine for scams like this. There are way too many people using the site that don't care about the dangers. Apathy and ignorance are best ways to spread this kind of thing, and they are found aplenty in any social networking crowd, at least when it comes to the technology behind the social aspect.
Re:And? (Score:5, Interesting)
Re: (Score:2)
Re: (Score:2)
What's a browser extension?
But the button appears inside the facebook page, so it's "on the web page" and not on my computer...
It's facebooks system, if there's a virus loose in their system it's their problem not mine!
How can it send spam messages? Can a virus click the "send" button? But I'd notice if my mouse cursor would move, and I turn my computer off at night!
How can someone possibly make money off stuff that's in the phone book? You're just being hysterical. What do
Re:And? (Score:4, Interesting)
I think that's harsh to most users.
In this day and age we expect to be able to do most things without understanding the fundamentals that they are built on.
How many people who use a bank/have a mortgage have a degree in economics and accounting?
How many people who drive a car can strip the engine down to component parts and successfully rebuild it.
How many software engineers can architect a modern CPU right down to the logic synthesis and asic layout complete with timing closure and dealing with sub micron silicon effects such as crosstalk and antenna diodes.
You shouldn't need to have the underlying structural knowledge of everything in order to accomplish common everyday tasks. Tools for staying in touch with friends are tools to help a common everyday task.
As long as facebook aims itself at novices to the web then it should be usable by newbies. Being a clueless novice is not a crime, we've all been there. Facebook is sold to many as one of the reasons to start going on the web, but yet is one of the most dangerous places for new people to play about with,
I blame those who run facebook not the users.
So yes I am on facebook because it is a great place to tag photos of people and because almost all my friends are on it so it's a good way keep up with people who you don't see as often as you'd like. I don't think that means that I am about to buy a pet rock because I am on facebook to be tagged in photos, get invited to parties, be reminded of birthdays, and be informed that my old friend from Uni has just had a baby.
Re: (Score:2)
In this day and age we expect to be able to do most things without understanding the fundamentals that they are built on.
That may be an unrealistic expectation in some ways. I think that people should be expecting to learn the fundamentals of mathematics and physics. They don't need quantum physics at this stage, but it would be nice if they had some idea that objects at motion tend to remain in motion so that they have less chance of driving up one another's arse on the expressway, and so on. People ought to understand the difference between ionizing and non-ionizing radiation so they understand why they need to stay out of
Re: (Score:2)
While I agree with everything you say there, I chose my examples very carefully and while my expectation may be slightly unrealistic i think it is a responsibility of engineers (myself included) to aim for that in the things we build. Fundamentally if the average person cannot use a system designed to be used by the average user then I have to blame the designer.
Take my bank example, many people who were unaware of the finer details of how the finance system works were bit by sub prime mortgages.
I'm fairly
Re: (Score:2)
I think what I'm getting at is that all this seems very important and obvious to us as geeks, but there are many other things in life that should be obvious and are fundamental to modern life, but that I don't understand. Take the offside rule in football for example, much to the annoyance of my fiancée I haven't a clue about it and she would treat that as something as basic as we treat ionizing radiation. Do I really care? Not really, so I don't bother to fix that missing piece of knowledge. I think the same applies to none geeks and even the more basic parts of online security.
I totally disagree. You only need to know about esoterica of stupid jock sports if you watch them or play them. We all use computers, though, so information security should be important to all of us. We all have to deal with both ionizing and non-ionizing radiation.
For me it's been a lesson learned in life that what is important and fundamental to me is not so to everyone and one of the best things to do is accept that and work out how we can make the world a better place knowing that. I would also say that blaming the other person rarely helps, so what can we do as geeks and engineers to improve the situation from our side.
I think the solution comes from both ends. A total dipshit can drive a car around, and in this country, even get a license. But if you take the time to learn some skills you both have a better experience (most drivers can't even apex a fucking tu
Re: (Score:2)
The use of knowing esoterica of sports is that the vast majority of the population does, so it leaves me a bit of a social outcast. That said the vast majority of the population seems to like American Idol and soaps so...
As for hitting the apex of a corner (Yes I'm going to be modded as offtopic here, but this is a pet thing of mine):
{puts on IAM motorcycling hat}
Hitting the apex of a corner is the fastest/lowest G force way of getting around a corner. It is very suited to use on a racetrack but completely
Re: (Score:2)
Dude, chill!
If the curve is one sharpness, and I am able to reduce that by apexing the turn, I can either go around it faster, or I can go around it with less lateral Gs
Agreed, the point I failed to make sufficiently was that what also applies to cars is that you should be choosing your road position both for comfort and safety. Part of that is seeing, part of that is being seen. Apexing interferes with both these safety factors both for cars and motorbikes.
Apexing doesn't mean going as fast as possible.
Agreed, but most people seek both speed and safety; so I was assuming that you were chasing the maximum speed with a given comfort level - that was certainly the implication I got from your post, because it
Re: (Score:2)
People are in my lane all the time, I have to pay attention whether I apex or not. I drive defensively in two ways, one by staying in my lane and dodging the fuckwads who try to share it when going the opposite direction, and two, by driving a 3475lb sedan (W126... crumple zones plus mass FTW) and a 6600 lb 4x4.
Re: (Score:2)
Sure, I'll agree with you on some of these points, but:
Your phone rings, you pick up. You hear a momentary "click" as you're transferred to an operator, who tells you that you've just won a trip to Jamaica, and that he needs your credit card information to proceed with awarding you your trip. What do you do? Do you assume that he's legit and dole out your credit card to him, or do you use your brain?
The same thinking isn't applied to web objects often enough at all. So, Average Joe may not understand the fu
Re: (Score:2)
I think the reason I blame facebook is twofold. First they keep changing things, so it's hard for a newbie to get used to what is a legitimate intrusion because it's out of the ordinary, or just facebook playing with their interface.
To use your example, imagine day 1 you didn't dial your phone you always asked to speak to the operator. Then day 3 you had to dial the number yourself. Then by day 5 adverts had started to appear whenever you dialled an 0800 number, then by day 6 instead of dialling first then
Re: (Score:2)
Hey! Don't be dissin' bell-bottoms!
Re:And? (Score:4, Interesting)
This one gets bonus points for spreading by appealing to the dark side of human nature with their offer of a new and exciting way to threadcrap. As if random popup ads don't snare enough people, now they are out there with an appealing product (at face value anyway) that users have to actively resist. Just when the idea of Facebook itself as a scam was gaining traction, now we have this shit-sandwich-deep-fried-in-vomit craze sweeping the 'tubes. The internet is doomed!
Re: (Score:2)
And - here's the real moral of the story:
If your users request a feature often and with a passion, you either give it to them, or someone else does :D
Re: (Score:2)
Apathy and ignorance are best ways to spread this kind of thing
Q: What's the difference between apathy and ignorance?
A: I don't know and I don't care!
I dislike (Score:1, Insightful)
everyone of you jerks who beat me to the coveted 'first post'. I dislike you all, a lot.
In other news (Score:5, Insightful)
Comment removed (Score:4, Insightful)
How is this new? (Score:2)
Hell, even facebook itself is just a moneymaking ruse cleverly designed as a way to keep in touch with friends while it gains all your personal info. .
Re:How is this new? (Score:4, Funny)
Loathing for facebook. (Score:3, Informative)
Re:Loathing for facebook. (Score:4, Insightful)
it's great for coordinating IRL activities like parties, birthdays, the nicer kind of activism, etc...
So was MySpace, your point?
Most of the hate about Facebook is that they are hypocritical and do not care about the values of humans. They will lie to you to get you to post private data up, make it appear as of your privatizing it, then make it so it's public. They'll also harvest (farm? data mine?) information and sell it.
Other than that, they're great. Uh huh.
The trick is to block every app on facebook. (Score:2)
Make it a game. Every one of those apps (with a few exceptions) are just spam. You can block them by clicking on the "posted by 'stupid app'" then on the apps page click on "block application".
Word on the street is there exists a firefox addin that does this for you--but I have never bothered to find it.
Re: (Score:2)
Make it a game. Every one of those apps (with a few exceptions) are just spam. You can block them by clicking on the "posted by 'stupid app'" then on the apps page click on "block application".
A couple years ago, I found a list of the most popular facebook apps and ran a script with wgets to block them all for me. My FB account has thousands of blocked apps (and yes, there is a limit in their DB to how many you can block, which is kind of annoying as I've hit that limit).
Facebook (Score:4, Interesting)
Facebook is one of the most useful applications ever on the Internet. Love it or hate it, it connects people and their media. It's social networking on a grand scale.
With that said, to use one of the greatest applications ever, you must compromise your privacy and security. That's how good Facebook is, no matter how bad the bad is, people keep using it.
I've thought of emptying my profile several times, and just providing a link to a personal web site. I don't want to delete my account totally, there are still people that I want to keep in contact with that aren't really computer savvy, but know how to use Facebook. I also have a MyBand page for, well, my band. Very useful for letting people know when our shows will be, as well as a great way to connect to our fans.
I have enough experience with computers (30+ years) to know the scams when I see them. I have never gotten malware/spyware from an online social site. The one thing I do give up is a bit of my privacy. Not that I'm too worried about all the boogie men out there (although I will be more fearful when my kids are old enough to be on it). I do however sometimes feel like George Costanza on Seinfeld where his worlds were colliding. I don't always want to mix personal and business lives, but it seems to happen on Facebook.
I guess for now, I take the bad with the good and vice versa. I'm too lazy to change the world myself, so I'll leave it to the next visionaries to build a better Facebook and one that is just as popular.
Re: (Score:3, Funny)
I have never gotten malware/spyware from an online social site.
Yeah, porn is how they got me, too.
Re: (Score:2, Troll)
Or so you think. It could be that you have caught one of the ~50% of unknown viruses out there via a mere flash/java exploit... and a good one, you'd never know.
Re: (Score:3, Insightful)
I have never gotten malware/spyware from an online social site.
Or so you think. It could be that you have caught one of the ~50% of unknown viruses out there via a mere flash/java exploit... and a good one, you'd never know.
Reminds me of the old adage that if you want computer security, unplug the network cable and disable all removable drives.
Re: (Score:2, Funny)
Nothing's safer than 127.0.0.1 :)
Re: (Score:2)
and then seal it in concrete and bury it at the bottom of the nearest sea.
Even then...
Re: (Score:2)
With that said, to use one of the greatest applications ever, you must compromise your privacy and security
Must? It didn't used to be like this. Back in 2005ish before they added apps, Facebook Connect and so on, it was perfectly secure. In fact, that's why people used it.
Most people only put their photos and personal details on there because it was impossible for anyone other than your friends to see them. That's more or less still the case, but now any of your friends can fuck up and allow stupid apps access to your stuff.
Re: (Score:2, Insightful)
I'll admit it's handy, but the most useful? I actually laughed out loud when I read that.
It's just a website with people inserting data, and you get to search and read it. There are also "applications" that you can use, but they are basically wastes of time IMHO. In the end, it's a pretty version of MySpace.... only without the hiphop & latino gangsta bullshit.
There is no "most useful" application ever on the Internet. That term always is subjective, as I consider google mail to be the most useful,
Scam? I suppose, but... (Score:2)
It looks like a regular waste of time (which, by definition, is the point of all facebook activities, right?).
Now, there may indeed be a more nefarious info-gathering subtext to this, but otherwise it looks like it posts that you like this app (which many do), that you fill out a survey (which is what lots of people do on FB, based on many of my friends' status updates), and it sends you to a FF add-on.
This sounds like everything else on FaceBook...I'm waiting for the "then is steals your children and sells
Re: (Score:2)
Yeah, but that would be true of every single app on Facebook. Making gullible FB users jump though a pay-questionnaire like they were trying to find the unlock key for a movie on usenet is hardly nefarious. I see this as mostly non-news. *shrug*
I'm too cool for Facebook. (Score:4, Funny)
Re: (Score:2)
It it can't be displayed in Lynx I am not interested...
Pfft... newbie wuss. If you were really serious, you'd have demanded it ran on Gopher. :-)
The blame here is Facebook's. (Score:4, Insightful)
Re:The blame here is Facebook's. (Score:4, Interesting)
Re: (Score:2)
Is this what the spam looks like? (Score:2)
I've been seeing a lot of posts saying "[Name] likes [platitude] on ." from people who would probably never post [platitude]. Things like "Clarence likes “I don't have a temper problem, everyone else needs to stop pissing me off” on ." I'm afraid to click either the platitude or the heart, but I can't really find any evidence about what the hell is going on.
Re: (Score:2)
Re: (Score:2)
I'm afraid to click either the platitude or the heart, but I can't really find any evidence about what the hell is going on.
See that “Like” button underneath the post? Go ahead, click it. It won’t hurt you... honest. (It just perpetuates the spam, is all.)
Here's the problem... (Score:2)
FACEBOOK IS A SCAM.
They exist to derive value from your information. Friends, addresses, posts, even images.
That the scammers also sell you to other scammers should not be surprising.
So give Facebook only what you are willing to part with.
Ok?
4chan is not your personal army (Score:3, Insightful)
It's "stories" like this that make me wonder if people are trying to use Slashdot to get experienced people to do something about it so they don't have to.
If you lock everything down... (Score:2)
I run Facebook with almost everything turned off. And Flash with almost everything turned off. And Firefox with the privacy settings on high.
About half of sites with video won't play. Other sites produce errors because their Flash cookies won't work. YouTube's "Press ESC to exit full screen mode" message stays up forever. (I suspect YouTube does that just to keep people from running with high privacy settings.)
It's interesting to see who's evil, but somewhat annoying. Still, for every site that's
"Rogue" facebook application? WTF? (Score:2)
Can somebody explain this? I don't think anybody can integrate any bit of code into Facebook.
Re:It's not a Facebook problem (Score:5, Informative)
The scam hits everyone who uses Facebook, regardless of your browser, if you fall for it.
At the END of falling for the scam, after you've coughed up your survey answers and subscribed to the application, you would then be directed to a Firefox plugin (which was not developed by the people who are perpetrating the scam), at which point you could only install the plugin if you have Firefox.
By then, the scam authors couldn't give a shit whether you can use the plugin. It's not theirs, it's just something they found and used to give their scan a razor-thin veneer of respectability. I won't argue about the utility of the plug-in, because it has nothing to do with the scam.
Re: (Score:2)
I think socially it would make sense to have some more buttons.
Ah, you make the wrong assumption that the average person can handle choice. Depressingly they cannot.
Too many choices confuse people. Look at all those successful sites like Digg, etc. This is also why major corporations offer so few options: to prevent customers from NOT buying due to an abundance of choices. There are whole books written about this phenomenon.
Exactly, so they should be left with "I might like this or I might just be hitting the button to show attention to the topic" or "I shall do nothing, either due to my own apathy or I may willingly dislike the post. Yet, I may also like this and am unwilling to express it publicly, or maybe like it but not quite enough to state to my peers that I do."
See how hard just that is?
Re: (Score:3, Insightful)
Actually, I think you just described what 4chan would be like with buttons.
Hmm, if you go in /b/ you'll clearly see they're quite satisfied with artistically rendering their response into the form of an image that captures every poignant detail of their deep, meaningful logic.