Reports of another javascript-based spam scam doing the rounds in Facebook
We have received reports of another JavaScript-based spam scam doing the rounds in Facebook.
This one involves a friend's profile posting a link to your wall.
Should you click on the link in the friend's post , the JavaScript code send spam to your Friends list and so the snowball spam effect grows.
TrendMirco's malware blog had a good write up of the attack method here:
http://blog.trendmicro.com/dubious-javascript-code-found-in-facebook-application/
Sounds like introducing friends and family to NoScript Firefox extension [1] would be one way to avoid a large number of phone calls of "Help!" over the next few days.
Thanks to reader Roseman and others for writing in with details.
[1] http://noscript.net/
Chris Mohan --- Internet Storm Center Handler on Duty
 
              
Comments
http://nakedsecurity.sophos.com/2011/05/12/preventing-spam-scam-on-facebook-does-exactly-the-opposite/
roseman
May 12th 2011
1 decade ago
John Hardin
May 12th 2011
1 decade ago