Facebook users are facing the latest wave of spam to hit the social networking site, one that mostly points at suspicious “payday loan” websites purporting to offer loans to Internet users. This new wave of spam, however, seems to be exploiting a vulnerability involving Facebook groups.
The first we heard of it was over a week ago when some garbled all-caps warning message hit the Facebook rumour mill at viral speed. The essentially useless message tried to warn Facebook users of a new spam attack regarding payday loans and American trainers, but ended up getting lost in its own breathless, incoherent “speech pattern”.
It now seems that the threat the garbled message was attempting to describe is a trending method of spamming Facebook groups, one that Facebook will hopefully be fixing in the not-so-distant future.
It works by a spammer identifying a Facebook group to spam. If the spammer were simply to post a spammy link in the group, chances are it would be quickly and duly removed by the admin(s). However, if the spammer first identifies the group admin(s) and blocks them from the spammer’s own Facebook account then – as it transpires – any posts made by the spammer are invisible to the group admin(s), because of the block between the spammer and the admin.
Spammers are exploiting this because admins have to rely on their members to report the posts, since they cannot see or remove them themselves. In fact the problem is made much worse because the group admin cannot even see the spammer on the group membership list, again because of the block between them.
A typical spam post that members of a group can see, but not a group admin because the poster has blocked them.
This highlights a pretty serious privacy and security loophole in Facebook that has existed for some time now, without any fix from Facebook. It is only recently, however, that spammers have been using this loophole prolifically.
Possible fixes by Facebook for the issue could be that everyone posting in a Facebook group should have their posts made visible to the group admin, regardless of any blocks that may exist between them. Or perhaps when a Facebook user blocks another member, they are automatically banned/removed from any groups belonging to that member.
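To make the loophole and the two proposed fixes concrete, here is a small model of group post visibility, written for this article as an added example (it is not Facebook code, and the user names and the group are constructed). It shows the behaviour described above, where a block hides the spammer’s posts and membership from the blocked admin, alongside the two fixes: an admin override for visibility, and automatic removal from the group when a member blocks its admin.

```python
from dataclasses import dataclass, field

@dataclass
class Group:
    admins: set
    members: set
    posts: list = field(default_factory=list)   # (author, text) pairs

def is_blocked(blocks, a, b):
    """A block in either direction hides the two users from each other."""
    return (a, b) in blocks or (b, a) in blocks

def visible_posts(group, viewer, blocks, admin_override=False):
    """Posts the viewer can see. Without admin_override this models the current
    behaviour: a block hides the blocker's posts from the blocked admin.
    With admin_override (first proposed fix), a group admin sees every post."""
    if admin_override and viewer in group.admins:
        return list(group.posts)
    return [p for p in group.posts if not is_blocked(blocks, p[0], viewer)]

def visible_members(group, viewer, blocks, admin_override=False):
    """Membership list as the viewer sees it, under the same rules as posts."""
    if admin_override and viewer in group.admins:
        return set(group.members)
    return {m for m in group.members if not is_blocked(blocks, m, viewer)}

def block_user(blocks, blocker, blocked, groups, auto_remove=False):
    """Record a block. With auto_remove (second proposed fix), blocking the admin
    of a group the blocker belongs to removes the blocker from that group."""
    blocks.add((blocker, blocked))
    if auto_remove:
        for g in groups:
            if blocked in g.admins:
                g.members.discard(blocker)

def scenario(admin_override=False, auto_remove=False):
    """Constructed scenario: 'spammer' blocks 'admin', then posts in the group."""
    group = Group(admins={"admin"}, members={"admin", "alice", "spammer"})
    blocks = set()
    block_user(blocks, "spammer", "admin", [group], auto_remove)
    if "spammer" in group.members:          # removed members cannot post
        group.posts.append(("spammer", "payday loan link (constructed sample)"))
    seen_by = lambda who: any(a == "spammer" for a, _ in
                              visible_posts(group, who, blocks, admin_override))
    return {
        "admin_sees_post": seen_by("admin"),
        "member_sees_post": seen_by("alice"),
        "admin_sees_spammer": "spammer" in visible_members(group, "admin", blocks, admin_override),
        "spammer_in_group": "spammer" in group.members,
    }
```

With no fix applied, `scenario()` reports that the member sees the post while the admin sees neither the post nor the spammer; either fix closes that gap.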
Currently, the only reasonable fix for users – other than migrating to Facebook Pages, which do not suffer from this problem – is to pick a trusted member, temporarily promote them to admin status so they can both report and remove the offending posts and ban the spammer from the group, and then return them to normal membership status. It is important not to announce or make public who that member is, otherwise the spammer could block them as well. It is equally important to return them to normal membership status once the job is done, as all group admins are listed publicly.
At the moment the spammers are concentrating on Payday Loans spam that link to very suspicious websites, of which many are only a handful of months old.
On the left is www.easyloanuk.com and the right is www.uklittleloans.com. Like many other sites, these are identical.
These websites are likely designed to steal your personal information, including your banking information, which could potentially lead to identity fraud. Not only are these sites brand new, but literally identical sites exist across the Internet, which is a massive red flag. Additionally, as we began to sign up using fake information, we noticed that the page requesting your bank information was not served over a secure (HTTPS) connection. Entering sensitive information on an unsecured page means that data is put at risk the moment you hit Submit. No legitimate loan company would send your information from an unsecured webpage.
If you entered your banking details into one of these websites, talk to your bank straight away and let them know what you have done. Remember, only trust legitimate loan companies and not sites that you end up on from spammy Internet links, be it on Facebook, email or other websites.
The screenshot above shows that the page is unsecured: its address begins with http:// – secure pages begin with https:// – yet the page is asking for sensitive information such as your bank account number.
Sadly, despite these links having been spammed on Facebook for over a week now, Facebook is being rather slow to block them. If you see an offending post in a group you are a member of, don’t just ignore it. Hover over it, click the icon at the top right of the post and select Report/Mark as Spam. This will help Facebook block these spammy links.
Also, if you see these spammy links, be aware that your group admin may not be able to see them, so let them know and point them to this article if necessary. Today it is payday loan websites; tomorrow the spam links could be taking you anywhere.
If we get any updates, we’ll let you know here.