Initially I wasn’t going to blog about this, as I didn’t want to appear to be on a run of Facebook related posts. However this has been ongoing for over a week now, this same rogue app keeps reappearing, several of my own friends have fallen victim, so a warning seems like a good idea!
The rogue Facebook app in question has appeared for at least the third time in the space of a week and is clearly designed to fool victims into clicking the spam notifications it sends out, in order to earn the scammer some cash through affiliate based advertising.
The app is named “Like” and borrows the icon from the official Facebook “Likes” function. The Spam notifications it sends out have also been designed to resemble the real Facebook functionality. The name of the application contained in the Facebook URL has equally been designed to fool each time, it has been “im_best_app”, “farn_ville” and “pet_villeik” respectively.
If you click the link in the notification you are invited to allow the rogue app access to “your profile information, your photos, your friends’ info and other content it requires to work”. Of course with the app having ‘borrowed’ so freely from official Facebook look and feel many otherwise cautious users are falling for the ruse.
If you do click the “Allow” button you will very briefly see an application page that simply reads “Error! Error! ERROR!” before being forwarded to an external (to Facebook) website hosted at Dizzy Networks.
Dizzy Networks is a “technology focused advertising company” whose advertisers are apparently “hand selected and control their campaigns to fully optimize your overall performance“. Although, if you were interested in signing up as an advertiser for Dizzy Networks you’ll need to be trusting because the terms and conditions that you must agree to are “coming soon”!
Facebook staff have responded to user complaints and to the information that I have sent them very rapidly in the two previous cases and I am sure this third example will also be removed quickly. Wouldn’t it be great though if some mechanism could be put in place to protect their hundreds of millions of users proactively?