Rogue Facebook app takes over accounts

A flurry of statuses saying “OMG! Im never going to send another text message again after seeing this!” and “OMG! Im not txtin again now that I have seen this!” and offering a shortened link have been popping up on Facebook during the weekend, and contrary to what we might expect, it wasn’t another survey scheme.

This one is far more dangerous, because the user is encouraged to permit a rogue application to access his basic information and data, post to his wall and receive e-mails from it at any time:

You really don’t want to give permission for any of that, especially to allow the application to post on your wall and luring other potential victims, and e-mailing you directly and sending you potential malicious links.

Also, as Graham Cluley points out, the trade-off is insignificant, since the content offered in exchange for this permission is an article about texting from the Sydney Morning Herald (from 2008!) which is available to anyone.

As soon as the application gets approved by the victim, it immediately updates his status with the same message he fell for. To those who have fallen for the scam, it is recommended to delete the status message and go to the Application Settings and remove the application.




Share this