Update, 01 Sept 2014: NUMBERCOP, one of our blog readers, has tipped us off in the comments section about this particular scam resurfacing once again with a new bit.ly URL, which was created last August 31, 2014, a couple of days ago. The number of visitors to that link, as of this writing, seems to have been increasing.
If you happen to receive an SMS message from a potentially unknown recipient with the following text—
wtf f***** remove this pic from Facebook. http://bit[dot]do/fbnudephotos
—much like the fellow on the screenshot above, then you’ve been targeted by a phishing campaign.
The bit.do link is the shortened URL for a publicly available HTML page hosted on a Dropbox account. It looks like this:
All links but one–the Get Facebook for iPhone and browse faster. link–lead to a 404 page. The aforementioned link leads to the actual iTunes app download page.
Once users provide their Facebook credentials to the page, these are then posted to a .PHP page hosted on 193[dot]107[dot]17[dot]68, which we found out to be quite a popular location for hosting malware.
While this happens at the background, users are directed to the following screenshot which serves as humour, if not a “Gotcha!” after a successful con.
Another thing of note is the bit.ly URL at the bottom of the code:
This is a shortened URL for what we believe is a page that was once a diet scam page, judging from the actual URL string we have encountered before:
We suspect that this bit.ly URL is included to increase the click-through rate or visits to the page.
Individuals or groups with bad intent have been using SMS as a way to scam people, either for their money or for their information.
Senior Security Researcher Jérôme Segura have published a post entitled “SMS Scams: How To Defend Yourself” back in 2013, which I recommend you, dear Reader, to read as well. His thoughts on this kind of fraud remains relevant to this date.
Other related post/s:
- Uncovering an Android botnet involved in SMS fraud
- Mobile Top-Up Credit Sharing Scams in Circulation
- SMS Activated Flash Downloads: A Digital Leap of Faith
- Porn on YouTube Leads to Premium-Rate SMS Scams