The second rogue application scam to hit Facebook in a week appears designed to capitalize on the row over changes to the site’s terms and conditions. The scam tricks users into following a link to explain a “warning” for violating site rules.

The application posts notes to profiles of the user’s friends reading:

[Friend's name] has just reported you to Facebook for violating our Terms of Service. This is your official warning! Click here to find out why you were reported! Request Facebook look at what has happened and rule immediately.

Clicking the link then installs a copy of the application on the new machine, triggering another round of messages. It doesn’t appear the application is able to cause any damage to computers, but it does have the ability to access personal information you’ve added to your profile along with building up a sizable Facebook mailing list for spammers.

It may be a coincidence, but it’s notable the scam comes shortly after widespread publicity about Facebook’s terms of service and abandoned plans to give the site the right to use posted material such as photos even after an account closure.

A similar scam last week distributed messages claiming a Facebook friend had encountered errors while trying to view the user’s profile and suggesting they click a link to ‘View The Errors Message’.

In that case, some particularly devious scammers built a page which topped Google’s listing for ‘Error Check System’, the name of the rogue application. This page, purportedly giving information on the scam, actually redirected to a bogus virus scanner which installed rather than removed malware.

It’s not yet been established if this was simple quick thinking by the malware producers, or if the Facebook application was deliberately set up to prompt people to search for information about it.

Fortunately removing rogue Facebook applications is much simpler than dealing with traditional viruses. Users should click Applications on the Facebook site, then Edit. They can then remove any unwanted applications by clicking the cross next to its name. In these two cases, the ones to look out for are ‘Error Check System’ and ‘F a c e b o o k — closing down!!!’

Related:

Entry was posted on Friday, February 27th, 2009 at 1:19 pm under Google, Malware, Scams, Security, Social Media, Web2.0.

Read more entries by John Lister.
Stumble It!