Tag Archives: spamvertising

Who’s checking your Facebook profile? Scammers.

Yet another variation on a Spam theme for Facebook to deal with tonight. I have identified at least 25 different copies of the same rogue app with names such as peeppeep-pro, profile-check-online and stalk-my-profile
    
A wave of applications have been published that promise to reveal the truth about which of your friends are viewing your Facebook profile. The promise is worthless and the apps are bogus.
   

Rogue App wall post

Rogue App wall post


 
  
Facebook users may notice wall posts or receive notifications from their friends, unwitting victims all, encouraging them to install the rogue app, along with bogus assurances on its reliability.
  
 

Rogue App "Configuration" screen

Rogue App "Configuration" screen


 
 
 
The app itself is designed to look convincing enough, but none of the many “Continue” buttons it offers will activate some under-the-counter profile checking functionality, they will just push you into another Facebook app earning the scammer advertising revenue in the process.
  
 

Notifications from two versions of the rogue app

Notifications from two versions of the rogue app


 
 
 
In an interesting twist on the now familiar theme, at least one version of the rogue app will create a photo montage of all the infected user’s friends, tag it so that they all receive notifications and then post the photo.
   

Bogus photo montage from rogue app

Bogus photo montage from rogue app


 
  
These changes in scam tactics are clearly designed to overcome the changes that Facebook made recently to application functionality, including removing the ability for applications to send notifications directly.
   
I can see that Facebook are actively combating these applications as they are posted, even on a Sunday evening, which is commendable but… I said it first back in February 2009, isn’t it time Facebook at least had a review of their application publishing policy? The idea was dismissed back then, but now that these things are becoming a regular occurrence there must be a tremendous burden being placed on the incident response handlers at Facebook that could be better channeled into an application vetting process.
   
For now though, just don’t click the links, they will disappear from your streams as Facebook remove the offending apps. There is no officially sanctioned Facebook functionality that will allow you to view who has been checking your profile.
 
A quick look in your Photo stream will show you how widespread the victims of this scam are:
 
Screenshot of my own Photo stream

Screenshot of my own Photo stream