Websense® ThreatSeeker® Network detects that a new spam campaign is spreading on Facebook and ibibo (a popular game site in India). The content of the spam messages is: "Lost 30 pounds in just 4 weeks all thanks to hcg. Check it out: http://spam_url".
We have seen a number of similar spam campaigns on Facebook such as, "Sexiest Video Ever" on Facebook", "Osama bin Laden scams on Facebook", etc. But, unlike previous campaigns which took advantage of a hot topic to lure visitors to click the link in the spam post, here the attackers publish a comment in the name of the account owner: "Never thought losing weight could be so easy!!!". With this method, some of the account owner's friends can be tricked into clicking the spam link:
For the Facebook version of the attack, the attackers abused the blogspot.com service. Here are some of the URLs used for the attack:
The spam link redirects victims to another spam site. At the moment, the spam site is unavailable, but the attackers can always update the sites with malicious content.
The spam link used in Ibibo is new registered sites. Still unavailable now.
Websense customers are protected from these threats by ACE, our Advanced Classification Engine.