BitDefender offers evidence supporting the close connection between the Twitter scam reported by the Sophos Naked Security blog and a similar Facebook scam.
The BitDefender online threats team traced one of the URLs used to spread the #howlong Twitter attack and, based on the advanced statistics provided by bit.ly, discovered that several Facebook scams such as ‘See your first status’, ‘See who viewed your profile’ and ‘Your top stalker’ had been disseminated from the same user account. This previously tested recipe turns out to be a success among microblogging fans, which confirms that scammers are not necessarily creative but are highly profit-oriented. Crucially, it also confirms that scams on Facebook are performed by the same people who send scams on Twitter.
Statistics illustrate the proportions of this phenomenon in terms of both geographical distribution and click count. For example, two of the malicious URLs used in this scam gathered more than eight thousand clicks. While this may not be an impressive figure in itself, users should be aware that the most frequent scenario is for each Facebook scam wave to use more than two hundred URLs to spread.
George Petre, BitDefender Threat Intelligence Team Leader, states, “The similarities between the two scams indicate that their authors did not go to too much trouble when creating them, but that they clearly had efficiency in mind. Considering that social networks are a common layer of all platforms, scam authors may have found the perfect medium in which to cleverly maximise impact and any revenue they may be able to make.”