Monday morning. Christmas was four days ago. Three days from now will be the first day of 2015.
You get out of bed, stretch, turn on your computer and coffee maker. You then open your Facebook page as you sip your hot drink. Under Notification, you see this:
Not the least bit surprised, are you?
Iterations of the infamous Facebook “Profile Viewers” are a dime a dozen, and they pop up now and then – probably to catch people off their guard.
Clicking the notice leads to a Facebook app page that quickly redirects to a third-party page sporting a (sure enough) survey scam:
Doing a quick search on Facebook has yielded the following results:
All but one of them are still up and running as of this writing.
The page contains a very brief set of instructions on how one can know the viewers of their Facebook page.
Clicking the “Click Here” link has led us two possible results: one, to its external site with a dot-pw TLD extension, something that should immediately raise a flag as that TLD is notoriously used by hackers and scammers to house their badware, such as exploits and risky imitation sites to name a few; second, to a page saying “Content Locked” (screenshot below), showing, of course, more shenanigans.
We had another go at searching for what else to see on Facebook and, sure enough, there’s more:
As of this writing, all pages are up, and they all look similar. Here’s what one of the pages look like:
This particular variant of the “Profile Viewer” scam have also exploited Facebook’s app feature, but this time, scammers disguised their pages as a game app, making it more receptive for other people to click them.
Closing the grey window reveals a large blue button that says “Invite All Friends To View Your Profile Visitors”. Clicking this sends out a request to Facebook friends that says “Beat my Highscore – Invite Friends to Start Playing now”.
Both of these scam types attempt to retrieve Facebook credentials from accounts.
Do avoid visiting these fake app pages or clicking those notifications at all cost.
Other related post(s):