Scam Sniper: 5/22/11

Chase customers should be on the lookout for a Phishing campaign aimed at them. The email bares a subject line of: Online Access Re-activation Alert From Chase and appears to come from chase@emailinfo.chase.com. The email urges it's intended victims to confirm their bank account information by stating their account has been access from a different computer and that the bank wants to open an investigation into the matter for security purposes. If the intended victim takes the bait and clicks the link given in the email, they are transferred to www.integraproject.org/images/thumbs/index.htm, which is definitely not www.chase.com. It appears as though the phishing site has been taken offline, but there maybe other sites set up for use in this scam campaign. If you receive this type of email, please report it to Chase immediately, then delete it. An example of the email is below.

Example Chase Bank Phishing Email In Circulation - Click To Enlarge

Please visit the link below for information on reporting phishing or other fraud issues to Chase Bank:

How To Report Fraud
https://www.chase.com/index.jsp?pg_name=ccpmapp/privacy_security/fraud/page/report_fraud

Remember, you should never reply to or follow links in unsolicited emails which urge you to log in to your web accounts. If you believe there may be a real issue with your account, always navigate to your accounts suppliers main web URL by typing into your web browser directly. If there is an issue, they will prompt you about it when you log in.

Update: 05-12-2011 -7 New Warnings

* Special Note: Facebook was hit with 2 extremely viral scams early today. From what I understand both scams took advantage of a bug in Facebook's code. This bug allowed these 2 scams to spread very heavily for quite some time. Once Facebook got wind of the issue they repaired the bug and removed all of the spam associated with it. Facebook users should still remain on high alert however. One can never tell when the next Facebook bug may appear. Remember if you see strange messages in your news feeds at anytime, be smart, Don't Click Them. More information on the 2 scams circulated this morning is included in the "Active Alerts and Scam Reports" section below.. Be sure to take some time and read the information..

There are quite a few scams and or malicious items currently floating the Facebook platform and I have received many reports and question about them. I figured I would construct this All-in-One report to provide users with a quick way to refer to the various warnings that have already been released about these scams and or malicious items.

In general Facebook users should refrain from clicking or following random/un-trusted links on the platform, Even if the links appear to come from trusted friends. Links to Spam, Scams and other malicious elements may appear in your News Feed, Inbox, Chat Window and you may find that you have been invited to strange events offering links as well. Never follow the instructions given on any page that request you Cut/Copy & Paste JavaScript code into your Web Browser while logged into facebook. Doing so will cause you to compromise your Facebook profile, send spam to your friends and may even make you inadvertently install a virus or other malware on your computer. -See Note 2- Also refrain from installing random 3rd party Facebook Applications. Take a few seconds to check any application out before you install it on your Facebook profile. Please be sure to update all of your computers security software as well.

The scam, spam and virus threats vary on Facebook at the moment. Users should avoid any messages of the following types:

Messages offering Videos or Photographs of Osama or Usama bin Laden's death or related news.
Messages that state you have been made the Admin of a page you know nothing about.
Messages asking you to help someone by clicking some random link on their profile.
Messages offering to show you how you will look in the future. (20 Years or whatever.)
Facebook Ads offering Diet Supplements or Unbelievably High Paying Online Jobs.
Messages offering to show Profile Stalkers, Creepers, Peekers, Spies or views.
Messages offering Free Gift Cards to popular restaurants or sandwich shops.
Messages claiming to give you free makeup, airline tickets, iPhones, iPods or iPads.
Messages claiming to show you a shocking video or photo (celebrity or other). Justin Bieber, Lady Gaga, Miley Cyrus or Girl fights may be the main bait.
Messages claiming to give you free game currency or facebook credits.
Messages claiming to give you a paid for game item for free. ( Horse, Stallion, Rainbow Cow )
Status Messages offering virus warnings, amber alerts or hacker warnings that offer no real details or official proof. They just urge you to repost the sketchy information in them.

Note 1: If you run into any "New" scams, please report them to Facebook first by Marking The Messages As Spam, then take a few seconds to report them to me, ( Right Here ) or ( Right Here ), if you would like to.

Note 2: Pasting JavaScript Codes - Why You Really Shouldn't Do It. Via - Symantec's Blog

Once a user copies and pastes the JavaScript code, then hits the enter key, it misuses the logged-in user session to enumerate the their friends list and start its shenanigans. Depending on how it has been configured by the attacker, the script will post a new bait message to the user’s wall, send chat messages to their friends, tag you in post messages or images, or even create an event and send an invitation to all your friends. Of course, as always the attack is easy configurable through a toolkit the scam artist uses and may be different for each new scam. Since the script runs in the context of Facebook, while you are logged into Facebook, it can do a lot with your profile. It can honestly do nearly everything you could do yourself. So please refrain for pasting these types of codes into your web browsers. You are not going to like what will eventually happen if you do not.

Active Alerts and Scam Reports.

Don't fall for 'First Exposure: iPhone 5' Facebook scam (05-12-2011) -Active
http://news.cnet.com/8301-27080_3-20062055-245.html?ttag=fbw

BUG: Script that gives hackers access to user accounts floods Facebook (05-12-2011)-Active
http://thenextweb.com/facebook/2011/05/12/script-that-gives-hackers-access-to-user-accounts-floods-facebook/

BUG: PREVENTING SPAM scam on Facebook does exactly the opposite (05-12-2011)
http://nakedsecurity.sophos.com/2011/05/12/preventing-spam-scam-on-facebook-does-exactly-the-opposite/

BUG: Do not click messages asking you to VERIFY YOUR ACCOUNT (05-12-2011)
http://facecrooks.com/safety-center/scam-watch/item/1295-virus-alert-in-order-to-prevent-spam-i-ask-that-you-verify-your-account-click-verify-my-account-right-next-to-comment-below-to-start-the-process

Free Subway gift card spam spreading on Facebook (05-11-2011) -Active
http://nakedsecurity.sophos.com/2011/05/11/free-subway-gift-card-spam-spreading-on-facebook/

You can get to know who views your facebook profile (05-11-2011)-Active
http://facecrooks.com/safety-center/scam-watch/item/1294-scam-alert-omg-its-unbeliveable-now-you-can-get-to-know-who-vies-your-facebook-profile

Get 500 farmville cash and 99 million coins NOW (05-11-2011) -Active
http://www.thebulldogestate.com/2011/05/farmville-scam-alert-get-500-farmville.html

Avoid Facebook Ads That Appear To Offer Diet Supplement Trials. (05-08-2011) -Active

http://scamsniper.blogspot.com/2011/05/watch-out-for-facebook-ads-that-appear.html

Avoid The Golden Thoroughbred Stallion & Horse Scams (05-07-2011) -Active

https://www.facebook.com/media/set/?set=a.10150170736531787.299078.329801526786

Avoid Facebook Ads That Lead to Work At Home Scams. (05-06-2011) -Active

http://scamsniper.blogspot.com/2011/05/watch-out-for-2-facebook-ads-that-lead.html

PHOTO! Girl accidentally sends dad SMS about her FIRST TIME (05-06-2011) -Active

http://facecrooks.com/safety-center/scam-watch/item/1284-scam-alert-photo-girl-accidentally-sends-dad-sms-about-her-?first-time

Spam Spreads Through Multiple Features (How You Will Look Old Scam) (05-06-2011) Active

http://blog.trendmicro.com/facebook-spam-spreads-through-multiple-features/

I dub thee Admin of Page [x]. Arise and Get your Scam (05-06-2011) Active

http://www.malwarecity.com/blog/i-dub-thee-admin-of-page-x-arise-and-get-your-scam-1069.html

FarmVille Scam Warning: Avoid The Fake Rainbow Cow Message. (05-05-11) -Active

http://scamsniper.blogspot.com/2011/05/farmville-scam-warning-avoid-fake.html

Manual Script Scams on Facebook Generating Event Invitations (05-04-11) -Active

http://www.symantec.com/connect/blogs/manual-script-scams-facebook-generating-event-invitations

Linda Smith / Jason Lee Facebook virus hoax spreads quickly (05-04-11) -Active

http://nakedsecurity.sophos.com/2011/04/05/linda-smith-jason-lee-facebook-virus-hoax-spreads-quickly/

The BLOODIEST Fight EVER - BANNED FROM TV (05-03-11) -Active

http://www.thebulldogestate.com/2011/05/like-jacking-alert-bloodiest-fight-ever.html

Bin Laden's death photographs or videos, Are they real or not? -Graphic Photograph Included. Updated With Facebook Scams and Virus Warnings: (05-02-11) -Still Active- High Alert

http://scamsniper.blogspot.com/2011/05/osama-bin-ladens-death-photograph-is-it.html

[SCAM ALERT] 2 FREE Southwest Airline Tickets! (05-01-11) -Active

http://facecrooks.com/safety-center/scam-watch/item/1271-scam-alert-2-free-southwest-airline-tickets

Warning: 25 Profile Spy Scams To Avoid. Updated Regularly (04-09-11) -Active

http://scamsniper.blogspot.com/2011/04/warning-15-currently-active-profile-spy.html