Select Page

Cyren Security Blog

The Cyren Security Blog is where Cyren engineers and thought leaders provide insights, research and analysis on a range of current cybersecurity topics.

Spammers invent new Facebook/Digg application – “Facebook Social”

OK – so there is a “Facebook Social Reader” for Digg – but “Facebook Social” is a neatly confusing invention of pharmacy spammers. The description of the new service seems to have been lifted more or less from the description of the Reader. The email welcomes users to the new service and invites them to “view profile details”:

The links in the email lead to compromised websites – in the sample above the site “itsnotenoughtodreamforum.com” has been hacked. The same URL folder structure is used as in the Facebook password reset outbreak reported last week, suggesting that the same gang is behind this new attack (using the Facebook name obviously guarantees a good open-rate). Scripts hidden on these sites redirect users to the destination pharmacy site – the “Toronto Drug Store” (which apparently is an “essential part of the Canadian RX Network”).

Email text:

Thank you for registering with us at Facebook Social. We look forward to seeing you around the site.

Your profile has two different views reachable through clickable tabs:

• View My Profile: see your profile as your network does

• Edit My Profile: edit the different elements of your profile

View profile details.

What is Facebook Social Share?

Enable Facebook social sharing, and share your Digg experience with your Facebook friends. Let your friends see what you’re reading as you discover the best news around the web. Click the Social button to turn this off.

You might also like

Protect Office 365 Email from Ransomware

Ransomware is continually evolving. It has become the “most prominent malware threat”, with experts estimating that ransomware attacks in 2021 resulted in total damage costs of $20 billion. While there is no ransomware that specifically targets Office 365 data, it can...