Los Angeles — You may want to express your dislike for something on Facebook but… Be Aware! The social media network outfit seems to be a hotbed for scams of late. Recently, Facebook unveiled its new security features designed to block spam, a new scam is spreading fast on Facebook, announcing a “Dislike” button and offering to enable it on your account that somehow managed to override the company’s antispam defenses.
Two new scams snooping their way through Facebook are taking advantage of our sad, cynical need to judge. First, spammers exploited people’s curious natures by sending messages that claimed one can find out who viewed their profile after following certain steps; one of which asked them to invite friends to do the same.
The first “Enable Dislike Button” message pops up onto the popular social media Facebook walls. What makes it convincing is how the “Enable” button is right next to the “Like” and “Comment” buttons, (see screenshot below).
NOT REAL. If you should ever come across this message, just ignore, hide or mark it as spam, because that is exactly what it is. (Via Naked Security)
Well, once done, instead of availing the information you wanted, so, if you clicked on it, your friends will certainly dislike you because you have actually inadvertently “spammed” your other friends as well.
Indeed, thanks to Graham Cluley of Sophos for exposing this in time.
Cluley, sounded the alarm on the company’s Naked Security blog, informing Facebook users that if they click on the “enable dislike” button they will be distributing the fake message to all their Facebook buddies by posting it on their profile.
Now, spammers are at it again. This time, they claim Facebook is adding a “Dislike” button to user’s pages. Interestingly, Facebook does not have an official dislike button so do not be fooled. Even if the invitation comes from a friend you know well, do not click on the enable Facebook button.
Moreover, Cluley said that the message also runs an obfuscated Javascript on your computer, and clicking the link not only shares it with all your friends, but as he points out: “The potential for malice should be obvious.”
The spammers have redesigned their handiwork so it will get past Facebook’s scam detection system, company spokesman Fred Wolens told CNET today.
“There are new methods they have discovered after we put out the protections on Thursday,” he said. “It is an arms race. We put out new protections and they come up with new campaigns…When we announced the new security features, they were calibrated for all the self-XSS attacks we had seen at the time.”
So be aware, spread the word. Make sure your friends understand that they should be watchful of the messages and alerts put on their walls.
If you or anyone you know does receive this message, you can either hide it or mark it as spam. Marking it as spam may be better as you can then help Facebook improve its security in the future.
Facebook is learning and improving the situation with each new spam campaign and iteration of its defenses, Wolens said.