Say you're a social media spammer that drives traffic towards CPAlead.com surveys…
What do you do when English speakers are increasing desensitized towards Facebook spam?
We're currently seeing a run of Facebook spam that uses the following subject:
"Voi paska, katso miten k�vi kun is� n�ki tytt�rens� webcam-esityksen"
It's a Finnish translation of the popular English spam subject:
"OMG, dad catches daughter on webcam"
The spam links to this Page:
After clicking on the confirm button, the user will be asked to click a series of numbered buttons:
This is a form of clickjacking that will result in the link automatically being liked and shared to the user's profile, thus spreading to friends via the News Feed.
Firefox Add-on NoScript provides protection against this type of threat:
Here you can see NoScript's ClearClick Warning that the "1" button is actually a hidden "share" button.
If the user clicks the submit button, he'll be directed to a website which prompts him to sign up for a promotion in order to prove that he's human (as an antispam measure).
This is the promotion, hosted in the Netherlands:
Here's the fine print:
It's a 19� SMS based subscription. Ouch.
And finally, what do you get if you provide your phone number and continue?
Nothing more than a video that you can easily search for on YouTube on your own.
We've reported the Page as spam.
At 17:00 there were 76,000 Page likes. At 20:45 there are 94,000.
Non-native English speakers often feel a sense of security from spam and scams because language localization is rather rare via e-mail. (Especially for an obscure little language such as Finnish.) But it isn't as difficult to localize social media content.
Don't feel a false sense of security. 19� per lead provides spammers a lot of motivation.
Updated to add: 107,000 people clicked on this spam link before Facebook disabled the Page. That is equal to 2 percent of Finland's population! E-mail spam gets no where close to this type of conversion rate.
We're edited the post and have added an image. See this pohttps://www.f-secure.comw.f-secure.com/weblog/archives/comments.html?PostID=00002041">comments for additional information.