Facebook Spamming

[Kyle]

This might be old news to some of you but it's the first time I've seen it on this scale - as of this morning quite a few of my friends profiles on Facebook have been hacked and spammed with a colon cleanser offer status update.

Domain spammed is PurgeColon.net which iframes an aff link to CleanColonCleanse.com. The aff link is:

Clean Colon Cleanse

I don't recognise the tracking domain but whichever network this is might want to jump on this ASAP.

 

[conv3rsion]

whats the tracking domain, follow http headers

 

[n0fxx]

just click Delete and go on with your life

 

[rileypool]

Facebook will send out a C&D. Ask me how I know.

 

[Danc1122]

Facebook will send out a C&D. Ask me how I know.

How do you know?

 

[turbolapp]

Ahh yes. This confirmed my suspicions. It certainly makes alot more sense than the little Japanese girl I know that never said "boo" in highschool, is now slinging da berriz.

 

[CygnusX]

This message was posted earlier today by several of my friends:

I lost 8 1/2 pounds in only 2 weeks with this new pill! visit ColonVital.com to get your free trial pack

Same offer, same network, same affiliate.

 

[Jackeyy]

ahhhh so thats what im seeing LOL

 

[Grindstone]

Ahh yes. This confirmed my suspicions. It certainly makes alot more sense than the little Japanese girl I know that never said "boo" in highschool, is now slinging da berriz.

Saw this last week with one of my friends, only they also dropped a link to facesofmeth.com....wtf? How does that help conversions?

 

[HarveyJ]

Anyone else reckon this hijacking is direct from the latest app that people absolutely have to have?

 

[johu]

You know that Facebook will contact the affiliate network about it, and there is a good chance that a network will refuse to pay an affiliate (but rake in the dough themselves), since this kind of phishing/spamming is usually against network TOSes.

 

[cardine]

Phishing is a lot harder now because Facebook requires you to enter your birthday if you enter from a different IP address. That leads me to think either the phisher is also getting the birthday, or it is something else.

 

[johu]

Phishing is a lot harder now because Facebook requires you to enter your birthday if you enter from a different IP address. That leads me to think either the phisher is also getting the birthday, or it is something else.

Hmm, haven't had that happen to me when I've used different computers/ips to log on to Facebook.

With the advent of Facebook connect, phishing is getting a lot simpler. Now people are accustomed to seeing a Facebook login box on non-facebook websites, so phishing could happen very easily from malicious pages with fake login boxes.

 

[tainted]

With the advent of Facebook connect, phishing is getting a lot simpler. Now people are accustomed to seeing a Facebook login box on non-facebook websites, so phishing could happen very easily from malicious pages with fake login boxes.

This, except a bit more elaborate.

 

[Bevo Ryan]

Facebook really cleaned up ever since the deal with MSN about a year ago. I use to see spam on there all the time, it's not even 1/10th of what it use to be. Good for them for not making the same mistakes as Myspace

 

[cardine]

Hmm, haven't had that happen to me when I've used different computers/ips to log on to Facebook.

With the advent of Facebook connect, phishing is getting a lot simpler. Now people are accustomed to seeing a Facebook login box on non-facebook websites, so phishing could happen very easily from malicious pages with fake login boxes.

I get it whenever I use a proxy to log into facebook, so maybe it is only when your current IP is X miles away from the IP you usually use.

Actually doing the phishing is very easy; there are a shitload of easy/non-technical ways to get users to part with their account info.

 

[DirSP]

It seems like the spamming is by the chinese. Clickbooth offers...

Stop drinking Slimfast, read a weight loss blog instead healthylifee.cn

 

[kidChaos]

Phishing is a lot harder now because Facebook requires you to enter your birthday if you enter from a different IP address. That leads me to think either the phisher is also getting the birthday, or it is something else.

wat? I just moved states and I login from different IP's at coffee shops, etc. all the time. I've never had this happen.

 

[cardine]

wat? I just moved states and I login from different IP's at coffee shops, etc. all the time. I've never had this happen.

It has certainly happened to me multiple times. Either Facebook doesn't do it anymore, or I was using a proxy located somewhere outside of the US (maybe in a developing nation that is associated with fraud).

So American phishers should be having no trouble phishing Facebook accounts.

 

[volknet]

If the affiliate network that got the traffic would please post how much this person made, it would make me smile and love you long time.