Multiple users are reporting on a currently circulating “Checkout Your PROFILE Stalkers” Facebook scam.
From: http://www.zdnet.com/blog/security/rss
My take on THIS…
Not too long ago, I also gave my take on something similar to this. It would seem that this keeps going on and it won’t stop anytime soon as it is being a successful vector of attack. By doing this, they get viral access to a lot of emails that they will then use to send spammy or phishing mails according to information extracted from the Facebook profile.
How would that work?
Well! When you add an app in Facebook, you authorize it to some access over the stuff in your profile. Each application asks for different types of information, and it is our responsibility to discern whether the app asks for relevant information vs. the features it offers or not.
Like an app to track RSS feeds will need the ability to post on your behalf to share new posts from your blog in a RSS feed of your website, said app would need that ability, and it asks for it in the authorization for the app. These scamming apps, are asking for pretty much full-blown access over your information and friends information.
A lot of people just take it as a fun thing to know, and authorize without giving it too much thought, the app starts spamming a lot of posts making its reach viral because other friends also will see it coming from you, and they will want to know too… relinquishing vital profile information that will later be used to attack them and their friends via email in further attempts to get your pc filled with malware, viruses or spyware or – Why not? - A mega-combo of it all!
Be wary. Use your best judgement when adding apps on Facebook, and teach your children about these things. They tend to use our computers, and get them busted for not knowing better.
