Facebook ‘Dislike button’ scam spreading fast

16 May 2011

Facebook users have been told to be on their guard after the discovery of a new scam that is doing the rounds. ‘Enable Dislike Button’ is a scam that has succeeded in bypassing Facebook’s security systems.

“Like the ‘Preventing Spam / Verify my account’ scam which went before it, the scammers have managed to waltz past Facebook’s security to replace the standard ‘Share’ option with a link labelled ‘Enable Dislike Button’,” explained Graham Cluley, a researcher with Sophos.

“The fact that the ‘Enable Dislike Button’ link does not appear in the main part of the message, but lower down alongside ‘Link’ and ‘Comment’, is likely to fool some users into believing that it is genuine.

“Clicking on the link, however, will not only forward the fake message about the so-called ‘Fakebook Dislike button’ to all of your online friends by posting it to your profile, but also run obfuscated JavaScript on your computer. The potential for malice should be obvious,” warned Cluley.

Preying on trust

Dermot Williams of Threatscape commented that this latest incident shares multiple characteristics with some other recent scams:

“It preys on users’ willingness to implicitly trust messages received from their social networking contacts, assuming them to be genuine (many other scams, including ‘help I’m stranded’ frauds, have done the same),” Williams explained.

“It exploits their insatiable appetite to try out new features on their favourite sites (‘see who viewed your profile’ and ‘see how many hours you spent on Facebook’ did likewise).

“It tricks users into manually performing the actions required to propagate the scam.

“The perpetrators have found a way to profit from their actions – in this case, apparently from a fake survey,” Williams said.

