Posts Tagged ‘scammers’

Many of us have, on various occasions, wished to see a ‘Dislike’ button on Facebook alongside the ‘Like’ button. There is good news and bad news for those wishing to show their disagreement with, or dislike of, a post, picture or video on Facebook. The good news is that there is a way to ‘Enable the Dislike button’ on Facebook; the bad news is that it is a scam.

Messages claiming to offer the opposite to a like button have been appearing on many Facebook users’ walls:

Dislike button on Facebook

Facebook now has a dislike button! Click 'Enable Dislike Button' to turn on the new feature!

“Like the “Preventing Spam / Verify my account” scam which went before it, the scammers have managed to waltz past Facebook’s security to replace the standard “Share” option with a link labelled “Enable Dislike Button”,” explains Graham Cluley, Senior Technology Consultant at Sophos.

The fact that the “Enable Dislike Button” link does not appear in the main part of the message, but lower down alongside “Link” and “Comment”, is likely to fool some users into believing that it is genuine.

Clicking on the link, however, will not only forward the fake message about the so-called “Fakebook Dislike button” to all of your online friends by posting it to your profile, but also run obfuscated JavaScript on your computer.

There is no official dislike button provided by Facebook and there isn’t ever likely to be. But it remains something that many Facebook users would like, and so scammers have often used the offer of a “Dislike button” as bait for the unwary.

Here’s another example that is spreading, attempting to trick you into pasting JavaScript into your browser’s address bar, before leading you to a survey scam:

Offer of Dislike button leads you into posting script into your browser's address bar

Lord Voldemort and Lady Gaga

After a rogue video of Lady Gaga stormed Twitter, scammers are once again seeding an attack against Twitter users, posing as a banned video of “Lord Gaga” in an attempt to compromise accounts.

The mention of “Lord Gaga” refers to a running joke on Twitter today, about what would happen if Harry Potter villain Lord Voldemort and Lady Gaga hooked up. The hashtags, which can vary, appear to be taken from Twitter’s trending topics in an attempt to reach a wider audience.

“New Twitter profiles, which have the names and avatars of young women, have been created specifically for the purposes of spreading the link,” notes Graham Cluley, senior technology consultant at Sophos.

What makes the profiles even more suspicious is that the only messages they have tweeted out so far have all been to the same place – a fake YouTube site, which pretends to host the banned video.

Lord Gaga video

Twitter’s security team would be wise to shut down the bogus profiles as soon as possible, before the attack spreads further. Rather than playing a music video, clicking on the player will attempt to trick users into giving a rogue application the rights to access their Twitter account.

Would you authorise this Twitter app?

An app called “money works new” hardly sounds like it would be connected to a music video, and you would be wise not to give it access to your account. But, as we’ve seen in the past, Twitter users can be tricked by such an attack into making poor decisions.

If you do make the mistake of authorizing the app, the scammers won’t waste any time posting the same message from your account – hoping to entrap more victims.

Rogue app victim on Twitter

If you were unfortunate enough to grant a rogue application access to your Twitter account, revoke its rights immediately: go to the Twitter website, visit Settings/Connections, and revoke the offending app’s rights.

Revoke app on Twitter

Don’t make it easy for scammers to make money in this way, and always exercise caution about which third party apps you allow to connect with your social networking accounts.

The FBI’s Internet Crime and Control Center (IC3) is warning the public to be wary of romance scams in which scammers target individuals who search for companionship or romance online. Someone you know may be “dating” someone online who may appear to be decent and honest. However, be forewarned: the online contact could be a criminal sitting in a cyber café with a well-rehearsed script that scammers have used repeatedly and successfully. Scammers search chat rooms, dating sites, and social networking sites looking for victims. The principal group of victims is over 40 years old and divorced, widowed, elderly, or disabled, but all demographics are at risk.

Scammers use poetry, flowers, and other gifts to reel in victims, the entire time declaring their “undying love.” These criminals also use stories of severe life circumstances, tragedies, deaths in the family, injuries to themselves, or other hardships to keep their victims concerned and involved in their schemes. Scammers also ask victims to send money to help overcome a financial situation they claim to be experiencing. These are all lies intended to take money from unsuspecting victims.

In another scheme, scammers ask victims to receive funds in the form of a cashier’s check, money order, or wire transfer, claiming they are out of the country and unable to cash the instruments or receive the funds directly. The scammers ask victims to redirect the funds to them or to an associate to whom they purportedly owe money. In a similar scheme, scammers ask victims to reship packages instead of redirecting funds. In these examples, victims risk losing money and may incur other expenses, such as bank fees and penalties, and in some instances face prosecution.

Victims who have agreed to meet in person with an online love interest have been reported missing, or injured, or in one instance, deceased. IC3 complainants most often report the countries of Nigeria, Ghana, England, and Canada as the location of the scammers. If you are planning to meet someone in person that you have met online, the IC3 recommends using caution, especially if you plan to travel to a foreign country, and, at the very least:

  • Do not travel alone.
  • Read all travel advisories associated with the countries you will visit. Travel advisories are available at http://travel.state.gov/.

Even though it seems to be contrary to the thought of starting a new romance, do not be afraid to check a new acquaintance’s story online. Remember, like most fraudulent schemes, scammers use whatever personal information you provide to quickly paint themselves as your perfect match. If your new friend’s story is repeated through numerous complaints and articles on the Internet, it is time to apply common sense over your feelings. To obtain more information on romance scams and other types of online schemes, visit http://www.LooksTooGoodToBeTrue.com.

In a first-of-its-kind report, the U.S. Federal Bureau of Investigation (FBI) has quantified the economic impact of Chinese hackers on U.S. businesses. According to a fraud alert from the FBI, U.S. businesses have been taken for at least $11 million over the last year thanks to unauthorized wire transfers to China. Cybercriminals have been compromising the businesses’ banking credentials in order to send money overseas.

At least 20 incidents occurred between March of 2010 and April of 2011 that resulted in the credentials of small-to-medium-sized businesses being compromised. According to the FBI, the typical scenario involves scammers sending phishing e-mails to the business in question, at which time someone enters the business’ banking credentials into a malicious website. The scammers then use the credentials to log into the business’ real banking website in order to wire money to “Chinese economic and trade companies.”

In just a year, this resulted in $11 million in losses, with transfer amounts ranging from $50,000 to $985,000 at a time. The total attempted amounts were closer to $20 million, though—the FBI says that many attempted transfers were over $900,000, but the scammers are usually more successful trying smaller amounts. On top of the electronic wire transfers, some of the scammers also sent domestic money mules to the U.S. in order to make further fraudulent transactions.

“The economic and trade companies appear to be registered as legitimate businesses and typically hold bank accounts with the Agricultural Bank of China, the Industrial and Commercial Bank of China, and the Bank of China,” the FBI warned. “At this time, it is unknown who is behind these unauthorized transfers, if the Chinese accounts were the final transfer destination or if the funds were transferred elsewhere, or why the legitimate companies received the unauthorized funds. Money transfers to companies that contain these described characteristics should be closely scrutinized.”

The FBI says that some—but not all—cases seem to involve attacks through malware such as ZeuS, Backdoor.bot, and Spybot.