First a Facebook someone purporting to be a friend posts an image to the user's profile. So the user then types in the URL and proceeds to "stealing pics" to take them down.
Not that easy, however. First the user is presented with an auto-renewing subscription service for just $9.99 a month, and then is prompted to fill out a goofy multiple choice pop quiz, which, at first perusal, appears harmless.
Upon completion of this quiz, the user is hit up to take a "Personalized IQ Test," which for some reason, requires the user to enter his or her cell phone number.
"That's the money shot, right there. I enter a random phone number, but the site detects that I am not visiting from the U.S., and helpfully serves me up a new offer, this time based in the U.K.," Trend Micro security blogger Rik Ferguson said.
Ferguson pointed out that the scam proceeds to offer the user an e-credit card, with a membership fee of about $100 and a monthly $6.20 maintenance fee. Oh, and a $12 inactivity fee. Where can this e-credit card be used? Well, only at the e-Credit Plus Shopping Club Web site, of course.
Ferguson politely declined the kind offer. But once again, he doesn't get off that easy. Unfortunately, the attackers have other plans. They led him through a series of pop-up windows unresponsive to the "Cancel" button demanding that he accept the new line of credit.
The attack then forces Ferguson to surrender by clicking "OK." Finally, yet another window prompts him to submit his accurate login credentials.
And so goes another scam in which the attackers successfully strong-arm their victims into submitting credentialed information in order to further distribute malware and subject other unsuspecting souls to the fraud.
"Back once again to the familiar old bulletin pics scam from my previous blog post," Ferguson said. "I give them my password along with my name and e-mail address, they show me a picture of a monkey, and finally they let me know exactly how I can go and e-mail this to all my friends, just in case the traditional delivery through compromised accounts doesn't work for them."
- Juniper Honors 12 Americas Partners
- Facebook And Four More Web Sites We Love To Hate
- Cisco Honors Top Partners During 2010 Partner Summit
- HP Salutes Top Partners At APC 2010 Award Show
- Upclose And Personal With AMD And friends
- Will Oracle's Phillips' Affair Revelation Be A Distraction?
- Apple, Microsoft Unlikely Allies Against Google
- HP-Microsoft Cloud Partnership Needs To Show Us The Goods
- Blog: It's Time For A Cybercrime Public Service Announcement
- Nortel Sell-Off Continues: Ethernet Business To Ciena?
- Want To Deploy Exchange 2007 SP2 In A Server 2008 R2 Domain? Sorry
- Apple Improves iTunes 9 With Syncing, Visual Enhancements
- Oracle Ad Refutes Sun Hardware Fears
- U.S. Copyright Chief Rips Google Book Deal In Testimony
- Apple Slashes iPod Price Tags
- Price Is Right? Asus To Launch Low-Cost E-Reader
- Microsoft Xbox 360 Consoles Fail More Often Than Wii, PS3
- Privacy Group To Congress: Stop Online Advertisers In Their Tracks
- Microsoft, Intel Tout Their Collaboration On Windows 7
- Tech Data Adds Integration Services With New Center
| • |
| • |
| • |
| • |
| • |
| • |
| • |
|
|
