click to enlarge

The message goes: PLEASE READ CAREFULLY

This message is for every Girl Who Goes to college or office alone. If u find any child carrying on road showing his/her address n asking u to take him/her to that address,take that child to police station n plz don’t take it to that address . IT IS A NEW WAY GANGS TO STEAL, RAPE, and KIDNAP GIRLS . plz circulate to all .don’t feel shy to copy This as ur status .

OUR ONE MESSAGE MAY SAVE A GIRL

This Facebook wall post has been live in public since Q4 of last year, so before it picks up steam and encourage more sharing within the platform, please do realize, dear Reader, that this is a hoax—all fake, from the image to the story behind this message.

Variations of this hoax have been circulating the Internet for years. Would you believe that the lure tactic—about children being used to lead women to their prey—might have stemed from an urban legend set in World War II decades ago?

Helping people on Facebook by sharing things that you deem important is a good cause; however, spreading hoaxes such as this one can only lead people to needless worrying and panic. That said, I implore you not to share this further, within Facebook and outside it. Before you click “Share”, research.

Also, please do not be alarmed (much less believe) if you see something like this on the Internet:

click to enlarge

Jovi Umawing (Hat tip: Facecrooks.com)

click to enlarge

The 19-page Internet Threats Trend Report mentions malware and spam trends in Q4 of 2011. It also ranks website categories that are most likely to house malware if compromised—Sites tagged as Pornography are at #3. Below are other notable finds in summary:

• India, Vietnam, and Pakistan were the top three countries with the most zombie computers.
• Phishers mostly targeted sites that were related to Games and Gaming.
• In Q4, spammers used fake @gmail.com email addresses to trick users into responding to their spam messages.

The report can be downloaded here.

Jovi Umawing

We’ve seen the tweet above pointing users to the URL, canbin(dot)ru—a domain created just late last month. Once users click it, they are then directed to twvitter(dot)com/user_login-sessions/?timed_out=1. It’s a phishing page.

There are two things we can take note from it: (1) the URL, which clearly tries to play tricks with our eyes (much like this one), and (2) the purported Twitter session that has timed out. Naturally, if one is logged onto Twitter and sees the message, they’ll wonder for a second, and then unknowingly key in their user name and password anyway. Perhaps the only “error” we can see in this attack is that the site attempts to access the actual Twitter site the same way a real third-party app or site would to make everything seem legit. However, Twitter requires tokens from such apps and sites. Since we know that this is a bogus page, it doesn’t have a token; thus, it can’t successfully redirect users to their actual accounts as it was supposed to.

We impore you, Dear Reader, to please exercise caution when clicking links on tweets. Even better: use your better judgment on whether you’d believe a supposedly interesting tweet or not before considering visiting the URL that goes with it. More often than not, scam tweets are designed to sound this way to actually make Internet users click them. Please don’t be fooled.

Just like the “Girl Killed Herself” scam that made rounds within Twitter not so long ago, this, too, will probably go down in history as a classic attack involving two social networking giants. This is not a comforting news. As long as user continue to fall for scams, they will just keep coming.

Jovi Umawing (Thanks to Chris for spotting this)

Example running right now:

Messages from Your Friends on Facebook, March 11, 2009

You have 1 Personal Message:
Video title: “Amanda is dancing on Striptease Dance Party, March 13, 2009! We’re absolutely shocked!”.

Proceed to view full video message:

hxxp://facebook.shared.completeserv.personalid-5ihg4wefb.based.867player com/home.htm?/tools/application=e1q3flwixa7lkef

Message ID: FB-7n1cqla9sgguzde
2009 Facebook community, Message Center.

When you try to view the “video”, you’re asked to download and run a “media player”. That’s the malware part.
This has been reported to Facebook.

Alex Eckelberry

This information as been found on the Sunbelt Blog