"A Man Jumped on the Mall" Facebook Scam

Redressed Facebook Scam Makes a Comeback Before The New Year

Monday morning. Christmas was four days ago. Three days from now will be the first day of 2015.

You get out of bed, stretch, turn on your computer and coffee maker. You then open your Facebook page as you sip your hot drink. Under Notification, you see this:

CheckWhoFBNotif

Not the least bit surprised, are you?

Iterations of the infamous Facebook “Profile Viewers” are a dime a dozen, and they pop up now and then – probably to catch people off their guard.

Clicking the notice leads to a Facebook app page that quickly redirects to a third-party page sporting a (sure enough) survey scam:

3rdPartySite

click to enlarge

Doing a quick search on Facebook has yielded the following results:

CheckWhoFBResults

All but one of them are still up and running as of this writing.

click to enlarge

The page contains a very brief set of instructions on how one can know the viewers of their Facebook page.

Clicking the “Click Here” link has led  us two possible results: one, to its external site with a dot-pw TLD extension, something that should immediately raise a flag as that TLD is notoriously used by hackers and scammers to house their badware, such as exploits and risky imitation sites to name a few; second, to a page saying “Content Locked” (screenshot below), showing, of course, more shenanigans.

ContentLocked

click to enlarge

We had another go at searching for what else to see on Facebook and, sure enough, there’s more:

CheckVisitedResults

 

As of this writing, all pages are up, and they all look similar. Here’s what one of the pages look like:

CheckView

click to enlarge

This particular variant of the “Profile Viewer” scam have also exploited Facebook’s app feature, but this time, scammers disguised their pages as a game app, making it more receptive for other people to click them.

Closing the grey window reveals a large blue button that says “Invite All Friends To View Your Profile Visitors”. Clicking this sends out a request to Facebook friends that says “Beat my Highscore – Invite Friends to Start Playing now”.

Both of these scam types attempt to retrieve Facebook credentials from accounts.

Do avoid visiting these fake app pages or clicking those notifications at all cost.

Other related post(s):

Jovi Umawing

ABOUT THE AUTHOR

Jovi Umawing

Knows a bit about everything and a lot about several somethings. Writes about those somethings, usually in long-form.