One of our favorite security blogs, F-Secure, recently posted the following informative article regarding some new malicious methods of Facebook spammers. Firefox and Chrome are used as avenues to further spread the scam via Facebook by use of a fraudulent YouTube browser plugin. A fake Facebook page displays a plugin installation if visited from either of those two browsers.
Facebook is recently doing a decent job at keeping survey spam posts at bay (all things considered).
So, what’s an entrepreneurial Facebook spammer to do? Well, some have tweaked their master plan, and have expanded their use of “cloud” services.
Using Amazon’s S3 file hosting service solves quite a few problems for these perpetrators. Number 1, Amazon’s S3 web service is pretty inexpensive to set up, therefore they can still earn from the surveys. Number 2, because Facebook has been pretty successful at blocking suspicious URLs linked to spam, hosting their scam’s code in a safe and popular domain such as amazonaws.com gives them a better chance to sneak through Facebook’s protections.
The diagram below basically shows the whole flow of the agenda.
Read the full article over at F-Secure.com, and learn more about this latest scam.