You are currently browsing the monthly archive for November 2010.

We are continuing with our weekly “Top 10” lists of the most dangerous and spamiest Facebook Pages.  If you would like to read how we come up with the lists, check out our initial post here but here is how we define each category…

Most Dangerous Category: This category could be a post or comment containing a dangerous link.  These links can lead to malware, phishing, or suspicious/dangerous Facebook applications that gather personal information and use people’s accounts for spam.

Spamiest Category: The spam noted could be Wall spam or comment spam.  All the spam messages included in the tally contain at least one URL and have been posted multiple times across different pages and post comments.

Here is this week’s Top 10 lists.

Most Dangerous

Rank Last Week’s Ranking Facebook Page Threat Count Last Week’s Threat Count
1 1 Justin Bieber 1437 1236
2 5 Harry Potter 379 465
3 2 Twilight 379 701
4 9 Lil Wayne 375 405
5 44 FarmVille 345 201
6 6 Usher 334 437
7 3 Texas Hold’em Poker 324 503
8 14 Shakira 302 380
9 13 Linkin Park 284 383
10 22 AKON 269 272



Spamiest

Rank Last Week’s Ranking Facebook Page Threat Count Last Week’s Spam Count
1 1 Lil Wayne 2253 2150
2 2 Texas Hold’em Poker 2116 2047
3 4 Drake 1475 1706
4 16 Real Madrid C.F. 1415 857
5 21 FarmVille Cows 1325 722
6 19 FarmVille Sheep 1188 756
7 8 Wiz Khalifa 1170 1402
8 7 Justin Bieber 1133 1512
9 15 FC Barcelona 867 878
10 Michael Jackson 784



A few notes about this week’s list:

Looking at the dangerous listing, we are seeing a correlation between the pages targeted and celebrity news.  For example Justin Bieber, Usher, Twilight, Lil Wayne, and Harry Potter were in the Top 10 last week and continue to be a presence this week.  We are also seeing a reemergence of the various Zynga games.  This holds true from last week.  We expect to continue to see the same trend over the coming weeks.

As for the spamiest list, this week is showing multiple social game pages, celebrity pages, and even some soccer team pages.  We are expecting to see a continuous presence of social games in this category.  We may be seeing the soccer teams because of a few matches played in the last week. Due to the appearance of the teams of the field, we may assume there was an increase of visits to their Facebook pages.

Advertisements

In keeping with our policy of vigilance, we recently have found another attack targeting Justin Bieber’s Facebook page.  If you recall from last week’s Top 10 list, Justin Beiber’s Facebook page achieved the top spot in the Dangerous category and the seventh spot in the Spamiest category.  To better acquaint you with the threat, we’ve broken down what happens.

Here we see some “Breaking News”:

Apparently, Justin Beiber has been caught red-handed! Quick, click “subscribe.”

Uh, that’s not what we were expecting, but never mind that right now. Onwards!

There we go! Now we can watch our video.

Wait a minute! Does that say YouTube? We could have seen this (shaky) video by simply going directly to YouTube. What was all that messing around with permissions?

And just look at what this app has done to our wall.

Spam. In our name. Bad app, no treat.

The moral of this story is, never allow an app more permission than it should logically need. All this app claimed it was going to do was show us a video, so why would it need permission to post to our wall, access our data anytime, or manage our pages?

If you or someone you know has fallen victim to this app or one of the many others like it, you should revoke the app’s permissions. To do this, go to “Account>Privacy Settings”. Under “Applications and Websites,” click “Edit your settings.” Then click “Remove unwanted or spammy applications.” Finally, click the little “x” by the app you want to remove and confirm your desire to remove it by clicking the blue “Remove” button in the box that pops up.

And if you really must see that video of Justin Beiber kissing some girl…

http://www.youtube.com/watch?v=qyRA2xyK1e8

Knock yourself out.

Last week, we published the first of our weekly “Top 10” lists on the most dangerous and spamiest Facebook Pages.  If you would like to see last week’s lists and understand how we come up with the lists, check out our initial post here.

Here are this week’s Top 10 lists…

Most Dangerous

Rank Last Week’s Ranking Facebook Page Threat Count Last Week’s Threat Count
1 1 Justin Bieber 1236 670
2 34 Twilight 701 43
3 2 Texas Hold’em Poker 503 239
4 23 Dirty Dancing 483 55
5 101 Harry Potter 465 25
6 117 Usher 437 22
7 Mama Mary 418
8 22 Michael Jackson 407 55
9 48 Lil Wayne 405 38
10 37 YouTube 402 42



Spamiest

Rank Last Week’s Ranking Facebook Page Threat Count Last Week’s Spam Count
1 Lil Wayne 2150
2 Texas Hold’em Poker 2047
3 3 FrontierVille 1926 1155
4 Drake 1706
5 1 FarmVille 1622 1489
6 42 Underground & Gangsta Rap 1598 167
7 Justin Bieber 1512
8 2 Wiz Khalifa 1402 1477
9 63 Mafia Wars 1329 120
10 63 Fikra ve Espiri Dünyasi 1243 120



A few notes about this week’s lists:

Last week our “Top 10” included many social games.  This week we are seeing more celebrity pages included.  Perhaps this is tied to current events.  For example, Lil Wayne was just released from jail and has had a resurgence in news exposure this past week.  It will be interesting to continue tracking this trend in the coming weeks.

A lot of the activity related to the “most dangerous” list was due to a malicious application outbreak on November 17.  The app enticed the user with “See the shocking video of the 1-year-old girl who CARRIES TWIN SISTER inside belly.”  To see the video, the user had to authorize the application.  Once authorized, the app proceeded to spam the user and possibly the user’s fan pages to propagate, or spread.

A point of interest is the inclusion of Mama Mary, a Facebook page dedicated to Mary, the Mother of Jesus.  We don’t usually see religious-centered pages enter into the Top 10.  This one seems to be an instance of collateral damage.  The same malware application spammed to most of the rest of the Top 10 ended up covering this page.

SafeToBe.Me was created to help monitor and inform consumers of privacy and security issues in Facebook.  The application looks for spam, malware, phishing scams, automatic file downloads, and strong language.  SafeToBe.Me scans Facebook Pages, status updates, comments to statuses, and application posts, and notifies users of any potential spam or danger.  To better inform consumers, today we are releasing our first weekly “Top 10” list of the Facebook Pages containing the most dangerous content and the most spam.

Overall we monitor the Top 5000 popular Facebook Pages and any pages “liked” by our users.  We scan those pages for instances of spam or potentially dangerous links.  Even if a page falls out of the Top 5000 Facebook Pages, we keep it in our monitoring rotation.  Threats are typically found in posts by users on the Wall of a page or in comments made to a status update posted on a page.  We’ve broken done the categories into “Most Dangerous” and “Spamiest”.  Below are descriptions of these categories.

Most Dangerous Category: This category could be a post or comment containing a dangerous link. These links can lead to malware, phishing, or suspicious/dangerous Facebook applications that gather personal information and use people’s accounts for spam.

Spamiest Category: The spam noted could be Wall spam or comment spam. All the spam messages included in the tally contain at least one URL and have been posted multiple times across different pages and post comments.

Thus we present this week’s Top 10 lists.

Most Dangerous
Rank Facebook Page Threat Count
1 Justin Bieber 670
2 Texas Hold’em Poker 239
3 Social City 228
4 YoVille 210
5 FarmVille 187
6 FarmVille Cows 157
7 Cafe World 136
8 Restaurant City 112
9 FarmVille Sheep 100
10 SOY ARGENTINO 96
Spamiest
Rank Facebook Page Spam Count
1 FarmVille 1489
2 Wiz Khalifa 1477
3 FrontierVille 1155
4 Michael Jackson 900
5 FarmVille Cows 616
6 KopTuq mu xDe..! 596
7 FarmVille Sheep 533
8 FC Barcelona 530
9 Amr Khaled 526
10 T.I. 479

Notice that many of the Facebook Pages in our rankings are social games.  We know that social games are very popular on Facebook so it is not a surprise that malware and spam pushers are focusing on this category.

Here is another phishing scam. This one is aimed at getting your Facebook username and password.

This is what you see when you visit http://apps.facebook.com/celebrities_sexparty/

The app promises to provide “live sex” after logging in through the application box. Note that I am already logged in to Facebook (top right of the page). See the dilemma?

Taking a closer look, the login box is a rather good replica of the real Facebook login form. However, the junk surrounding it is a dead giveaway. After entering something into the boxes, it tells you that the Email/Password combo is wrong (even if it was correct) and asks for your information again.

For many, the logical response is to click and reset their password. By doing that, the “reset your password here” link leads to http://www.portalsat.net/reset.php, but whatever was there seems to have been removed and we are given a 404 error page.

Clicking the login button on this second page will initiate a download of a 33MB .zip file that actually turns out to be in .rar format (go figure). It contains 9 porn clips in .3gp format. These porn clips are not what was requested, but are now on the computer. Like all porn pop-ups, these will inevitably keep popping up at the most inopportune times.

Interesting side note: These guys might have actually left pictures of themselves on their site, too. http://www.portalsat.net