Slashdot Mirror

← Back to Stories (view on slashdot.org)

"Dislike" Button Scam Hits Facebook Users

Posted by CmdrTaco on from the i-dislike-this dept.

An anonymous reader writes "A message saying 'I just got the Dislike button, so now I can dislike all of your dumb posts lol!!' is spreading rapidly on Facebook, tempting unsuspecting users into believing that they will be able to "dislike" posts as well as "like" them. However, security researchers say that it is just the latest 'survey scam', tricking Facebook users into into giving a rogue Facebook application permission to access their profile, and posting spam messages from their account. The rogue application requires victims to complete an online survey (which makes money for the scammers) before ultimately redirecting to a Firefox browser add-on for a Facebook dislike button developed by FaceMod. "As far as we can tell, FaceMod aren't connected with the scam — their browser add-on is simply being used as bait," says Sophos security blogger Graham Cluley."

41 of 179 comments (clear)

  1. Mod the post by Drakkenmensch · · Score: 4, Funny

    -1 "Dislike"

    1. Re:Mod the post by Jurily · · Score: 5, Insightful

      Why should I care about the scuttlebutt of the internet.

      Don't know about you, but a lot of my friends use it, and guess who gets to clean up the mess every time they fall for something like this.

    2. Re:Mod the post by FuckingNickName · · Score: 4, Insightful

      I don't know... are they responsible for themselves?

      Oh, that's right, they never have to learn because you'll be there to fix the problem every time.

    3. Re:Mod the post by jgagnon · · Score: 5, Insightful

      It takes a village to raise an idiot...

      --
      Remember to maintain your supply of /facepalm oil to prevent chafing.
    4. Re:Mod the post by ciderbrew · · Score: 4, Insightful

      Because they get their machines taken over.
      A bot-net gets bigger.
      A granny can't use her machine.
      Evil porn is served up from Teh Gran Machine.
      The state kick down Gran's door and take her away.
      Gran gets 30 years in jail. She's 96.

      I missed out profit & base ownership claims. It is all bad for Gran.

    5. Re:Mod the post by cjjjer · · Score: 3, Insightful

      I used to do this as well till I got tired of "fixing" my families and friends computers all the time. I stopped and when they had issues told them to take it to XYC company to get it fixed as I was "busy" a nice big fat bill and in some cases losing all their files made them think a bit more about security and "just clicking on any-old-thing".

    6. Re:Mod the post by arkane1234 · · Score: 3, Funny

      ... but it only takes a B-52 to raze a village.

      --
      -- This space for lease, low setup fee, inquire within!
    7. Re:Mod the post by jgagnon · · Score: 3, Funny

      Love Shack, baby!

      --
      Remember to maintain your supply of /facepalm oil to prevent chafing.
  2. News? by SimonTheSoundMan · · Score: 3, Informative

    Been going on for months.

  3. Everybody Panic! by commodore64_love · · Score: 2, Funny

    OH Noes!

    (obligatory anim GIF) http://i108.photobucket.com/albums/n13/greatcapp/oh-noes-everybody-panic.gif

    I never listen to those "check out this new feature" ads.
    Invariably you have to hop through hoops. It's never free.

    --
    "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
  4. Dislike by geekgirlandrea · · Score: 4, Funny

    Can I just have a 'Dislike' button for all of Facebook, please?

    Actually, I think I'll take a 'Tactical Nuclear Strike' button instead, now that I think of it.

    1. Re:Dislike by TheRaven64 · · Score: 4, Informative

      There's a Safari addon called 'defacer' which removes all Facebook buttons and links from every page that you visit (I've not tried it, I just noticed it the other day). Presumably there are similar things for other browsers...

      --
      I am TheRaven on Soylent News
    2. Re:Dislike by Yvan256 · · Score: 4, Funny

      Actually, I think I'll take a 'Tactical Nuclear Strike' button instead, now that I think of it.

      Unable to comply. Ghost Academy required.

    3. Re:Dislike by Anonymous Coward · · Score: 3, Informative

      No, it's a Science Facility with Covert Ops, and a Nuclear Silo attached to your Command Center. ...whaddya mean, "There's a second one."?

    4. Re:Dislike by clone53421 · · Score: 2, Informative

      I just have the following AdBlock Plus rules...

      facebook.com$third-party,~domain=fbcdn.net
      fbcdn.net$third-party,~domain=facebook.com

      --
      Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
  5. And? by meisenst · · Score: 5, Insightful

    This is not new news, really. There is always some scam going around that takes advantage of the inability of most users to distinguish untrusted content from trusted content, not to mention the people who click Yes to every pop-up without understanding what they've just done.

    Facebook is a gold mine for scams like this. There are way too many people using the site that don't care about the dangers. Apathy and ignorance are best ways to spread this kind of thing, and they are found aplenty in any social networking crowd, at least when it comes to the technology behind the social aspect.

    --
    Green's Law of Debate: Anything is possible if you don't know what you're talking about.
    1. Re:And? by Securityemo · · Score: 5, Interesting

      It's not that they don't care, it's that they can't percieve what's real content and not - because they don't have a model of the underlying structure beyond the surface of the content.

      --
      Emotions! In your brain!
    2. Re:And? by jeffmeden · · Score: 3, Interesting

      This one gets bonus points for spreading by appealing to the dark side of human nature with their offer of a new and exciting way to threadcrap. As if random popup ads don't snare enough people, now they are out there with an appealing product (at face value anyway) that users have to actively resist. Just when the idea of Facebook itself as a scam was gaining traction, now we have this shit-sandwich-deep-fried-in-vomit craze sweeping the 'tubes. The internet is doomed!

    3. Re:And? by rufty_tufty · · Score: 3, Interesting

      I think that's harsh to most users.
      In this day and age we expect to be able to do most things without understanding the fundamentals that they are built on.
      How many people who use a bank/have a mortgage have a degree in economics and accounting?
      How many people who drive a car can strip the engine down to component parts and successfully rebuild it.
      How many software engineers can architect a modern CPU right down to the logic synthesis and asic layout complete with timing closure and dealing with sub micron silicon effects such as crosstalk and antenna diodes.
      You shouldn't need to have the underlying structural knowledge of everything in order to accomplish common everyday tasks. Tools for staying in touch with friends are tools to help a common everyday task.

      As long as facebook aims itself at novices to the web then it should be usable by newbies. Being a clueless novice is not a crime, we've all been there. Facebook is sold to many as one of the reasons to start going on the web, but yet is one of the most dangerous places for new people to play about with,
      I blame those who run facebook not the users.
      So yes I am on facebook because it is a great place to tag photos of people and because almost all my friends are on it so it's a good way keep up with people who you don't see as often as you'd like. I don't think that means that I am about to buy a pet rock because I am on facebook to be tagged in photos, get invited to parties, be reminded of birthdays, and be informed that my old friend from Uni has just had a baby.

      --
      "The weirdest thing about a mind, is that every answer that you find, is the basis of a brand new cliche" -
  6. In other news by should_be_linear · · Score: 4, Insightful

    3295671st variation of "I love you" malware appeared online affecting mostly dumb BFUs.

    --
    839*929
  7. Comment removed by account_deleted · · Score: 4, Insightful

    Comment removed based on user account deletion

  8. Re:Facebook is a Ponzi scheme by Abcd1234 · · Score: 4, Funny

    Uhuh. The you don't know what a Ponzi scheme is, and it's the *facebook* users that are the morons... riiiight.

  9. Re:How is this new? by shadowrat · · Score: 3, Funny

    Man did I get screwed over by iPhone spell replacement.

  10. Loathing for facebook. by Securityemo · · Score: 2, Informative

    I can't really understand the loathing most people here display for facebook. Or rather, I do, but it seems like people loathe the basic idea of a "IRL overlay" social web? As long as you know enough people who use it, it's great for coordinating IRL activities like parties, birthdays, the nicer kind of activism, etc...

    --
    Emotions! In your brain!
    1. Re:Loathing for facebook. by arkane1234 · · Score: 4, Insightful

      it's great for coordinating IRL activities like parties, birthdays, the nicer kind of activism, etc...

      So was MySpace, your point?
      Most of the hate about Facebook is that they are hypocritical and do not care about the values of humans. They will lie to you to get you to post private data up, make it appear as of your privatizing it, then make it so it's public. They'll also harvest (farm? data mine?) information and sell it.
      Other than that, they're great. Uh huh.

      --
      -- This space for lease, low setup fee, inquire within!
  11. Facebook by sheehaje · · Score: 3, Interesting

    Facebook is one of the most useful applications ever on the Internet. Love it or hate it, it connects people and their media. It's social networking on a grand scale.

    With that said, to use one of the greatest applications ever, you must compromise your privacy and security. That's how good Facebook is, no matter how bad the bad is, people keep using it.

    I've thought of emptying my profile several times, and just providing a link to a personal web site. I don't want to delete my account totally, there are still people that I want to keep in contact with that aren't really computer savvy, but know how to use Facebook. I also have a MyBand page for, well, my band. Very useful for letting people know when our shows will be, as well as a great way to connect to our fans.

    I have enough experience with computers (30+ years) to know the scams when I see them. I have never gotten malware/spyware from an online social site. The one thing I do give up is a bit of my privacy. Not that I'm too worried about all the boogie men out there (although I will be more fearful when my kids are old enough to be on it). I do however sometimes feel like George Costanza on Seinfeld where his worlds were colliding. I don't always want to mix personal and business lives, but it seems to happen on Facebook.

    I guess for now, I take the bad with the good and vice versa. I'm too lazy to change the world myself, so I'll leave it to the next visionaries to build a better Facebook and one that is just as popular.

    1. Re:Facebook by mujadaddy · · Score: 2, Funny

      I have never gotten malware/spyware from an online social site.

      Yeah, porn is how they got me, too.

      --
      Populus vult decipi, ergo decipiatur...
      "Force shits upon Reason's back." - Poor Richard's Almanac
    2. Re:Facebook by sheehaje · · Score: 2, Insightful

      I have never gotten malware/spyware from an online social site.

      Or so you think. It could be that you have caught one of the ~50% of unknown viruses out there via a mere flash/java exploit... and a good one, you'd never know.

      Reminds me of the old adage that if you want computer security, unplug the network cable and disable all removable drives.

    3. Re:Facebook by arkane1234 · · Score: 2, Insightful

      I'll admit it's handy, but the most useful? I actually laughed out loud when I read that.
      It's just a website with people inserting data, and you get to search and read it. There are also "applications" that you can use, but they are basically wastes of time IMHO. In the end, it's a pretty version of MySpace.... only without the hiphop & latino gangsta bullshit.

      There is no "most useful" application ever on the Internet. That term always is subjective, as I consider google mail to be the most useful, with rudder.com being the second most useful for my uses. (financial organization) You may not agree with my decisions, but it has as much credence as your stating that Facebook is one of th emost useful applications ever on the Internet.

      I guess to sum it up, it's not the code that does it, it was simply that it was something people went to as an alternative. Before the mass migration, it was simply because "It's where adults go, it's hosted by a college". It ended up hitting critical mass, and then commercial entities acknowledged it in order to ply their wares.

      --
      -- This space for lease, low setup fee, inquire within!
    4. Re:Facebook by arkane1234 · · Score: 2, Funny

      Nothing's safer than 127.0.0.1 :)

      --
      -- This space for lease, low setup fee, inquire within!
  12. I'm too cool for Facebook. by edmicman · · Score: 3, Funny

    oblig. "I'm too cool for Facebook, and anyone who uses it is Teh Stoopid". post. In fact, I'm so indie I only use websites that don't exist yet that no one else uses, either. And I don't communicate with anyone or anything via the Internet, I only passively consume it. Yay!

  13. Re:It's not a Facebook problem by natehoy · · Score: 5, Informative

    The scam hits everyone who uses Facebook, regardless of your browser, if you fall for it.

    At the END of falling for the scam, after you've coughed up your survey answers and subscribed to the application, you would then be directed to a Firefox plugin (which was not developed by the people who are perpetrating the scam), at which point you could only install the plugin if you have Firefox.

    By then, the scam authors couldn't give a shit whether you can use the plugin. It's not theirs, it's just something they found and used to give their scan a razor-thin veneer of respectability. I won't argue about the utility of the plug-in, because it has nothing to do with the scam.

    --
    "This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
  14. Easiest way to black facebook by nephridium · · Score: 3, Informative

    ..or you could simply add "127.0.0.1 facebook.com" to your hosts file - one little tweak, works on every OS, on every browser. The cleanest way for all those who just don't care much for it.

    (Btw if you're using localhost as a webserver it's probably better to use 0.0.0.0 for all you annoyance blocking needs instead)

    --


    And when you gaze long enough into the code, the code will also gaze into you.
    1. Re:Easiest way to black facebook by GIL_Dude · · Score: 2, Insightful

      I always see that claim that a hosts file works on every OS and every browser. People always seem to forget that if you are using a proxy server (for example at work), the hosts file is ignored. The proxy server controls what the address is. So the hosts file thing works perfectly (and I use it) at home where I don't have to go through a proxy. But it is useless at work (and yes, there are things I would like to block there too - and random facebook and twitter buttons on pages are indeed some of them).

    2. Re:Easiest way to black facebook by Anonymous Coward · · Score: 2, Interesting

      You can also just go to a country where facebook is blocked (like China or Pakistan.)

  15. !news by TrisexualPuppy · · Score: 5, Insightful

    This article isn't really news. It seems that there is *always* something like this happening. Facebook is the perfect place for scams to happen. It's basically the new AOL.

    You have many amateur users who don't understand the first thing about security, and you have millions of them. Millions! Make something that looks slightly "official," and you've got it made. (Remember the old antivirus popups on websites?)

    We basically have a conglomerated database of targets for any exploit in a system that changes its layouts and features so frequently that no one can ever recognize that something looks a little off...

    1. Re:!news by LinuxIsGarbage · · Score: 2, Insightful

      (Remember the old antivirus popups on websites?)

      Old? Those started becoming popular what? 2-3 years ago? And they are STILL popular, and STILL very nasty.

  16. The blame here is Facebook's. by DamienNightbane · · Score: 4, Insightful

    The bottom line is that this scam wouldn't be possible if Facebook had implemented a real dislike button years ago when people demanded one.

    1. Re:The blame here is Facebook's. by asdf7890 · · Score: 3, Interesting

      And if they add that, I'd like a "meh" button too.

  17. 4chan is not your personal army by Aphoxema · · Score: 2, Insightful

    It's "stories" like this that make me wonder if people are trying to use Slashdot to get experienced people to do something about it so they don't have to.

    --
    "Most people, I think, don't even know what a rootkit is, so why should they care about it?"
  18. Re:There SHOULD be all kinds of buttons by Aphoxema · · Score: 2, Insightful

    Actually, I think you just described what 4chan would be like with buttons.

    Hmm, if you go in /b/ you'll clearly see they're quite satisfied with artistically rendering their response into the form of an image that captures every poignant detail of their deep, meaningful logic.

    --
    "Most people, I think, don't even know what a rootkit is, so why should they care about it?"