Rogue Facebook app “Like” pushing Zwinky & MyWebSearch

Initially I wasn’t going to blog about this, as I didn’t want to appear to be on a run of Facebook related posts. However this has been ongoing for over a week now, this same rogue app keeps reappearing, several of my own friends have fallen victim, so a warning seems like a good idea!
The rogue Facebook app in question has appeared for at least the third time in the space of a week and is clearly designed to fool victims into clicking the spam notifications it sends out, in order to earn the scammer some cash through affiliate based advertising.
The app is named “Like” and borrows the icon from the official Facebook “Likes” function. The Spam notifications it sends out have also been designed to resemble the real Facebook functionality. The name of the application contained in the Facebook URL has equally been designed to fool each time, it has been “im_best_app”, “farn_ville” and “pet_villeik” respectively.

Rogue app Facebook notification

Rogue app Facebook notification.

If you click the link in the notification you are invited to allow the rogue app access to “your profile information, your photos, your friends’ info and other content it requires to work”. Of course with the app having ‘borrowed’ so freely from official Facebook look and feel many otherwise cautious users are falling for the ruse.

Rogue app "Like".

Rogue app "Like".

If you do click the “Allow” button you will very briefly see an application page that simply reads “Error! Error! ERROR!” before being forwarded to an external (to Facebook) website hosted at Dizzy Networks.

Like Facebook app page

Like Facebook app page

Dizzy Networks is a “technology focused advertising company” whose advertisers are apparently “hand selected and control their campaigns to fully optimize your overall performance“. Although, if you were interested in signing up as an advertiser for Dizzy Networks you’ll need to be trusting because the terms and conditions that you must agree to are “coming soon”!
The page at Dizzy Networks contains only a JavaScript that redirects once more to the landing page at Zwinky proposing the installation of the Zwinky software. The URL of that landing page contains the partner ID ZJxdm493 which would perhaps identify the person behind the scam. At the very least it would appear that Zwinky may be paying out commission under false pretences and Facebook users are having their personal information put at risk.
Facebook staff have responded to user complaints and to the information that I have sent them very rapidly in the two previous cases and I am sure this third example will also be removed quickly. Wouldn’t it be great though if some mechanism could be put in place to protect their hundreds of millions of users proactively?

5 thoughts on “Rogue Facebook app “Like” pushing Zwinky & MyWebSearch

  1. Pingback: We Love Crowds » Does Facebook Need Its Own Anti-Malware Service?

  2. Pingback: Does Facebook Need Its Own Anti-Malware Service? | Technology and Web 2.0

  3. Pingback: Rogue Facebook app “Like” pushing Zwinky & MyWebSearch | Business Computing World

  4. Pingback: Privacy and Social Media – Part III: Facebook

  5. Myles

    There was a system in face that they had that users could protect themselves with. You USED to be able to opt out of the Facebook API, and I’d be as bold as to state that since this stopped being an option, it appears an upsurge of these malicious apps has come of it.


Leave a Reply

Your email address will not be published. Required fields are marked *