Twilight scam spreads across Facebook

11 Apr 2011

IT security firm Sophos has identified a new rogue Facebook app posing as a game based on the next film adaptation of the teen vampire series Twilight.

According to Sophos, the scammers link to the game on Facebook, claiming it has been made to promote Breaking Dawn, the next movie based on the hugely popular vampire book series.

However, when a user presses ‘Play Now’ he or she is clickjacked into announcing they like the link, spreading the scam further across Facebook.

It doesn’t stop there, as it presents a user with a dialogue box asking them to grant permission for a third-party application to access his or her account. By approving this, the scammers can post messages, updates and photos to the user’s wall.

“Of course, if you’re a fan of Twilight you will quite possibly grant permission without thinking,” said Graham Cluley, senior technology consultant at Sophos. 

“The only problem being that this isn’t a legitimate application request, but is being done by a rogue app which wants to make money out of your devotion to the works of Stephenie Meyer’s series of novels.”

Twilight Breaking Dawn scam permission request

After gaining access to the users’ account, the scammers present an online survey, which earns them affiliate commission for every person who completes it. The survey presents itself in a Facebook style to trick users into thinking it’s legitimate.

Those affected by the scam should remove all trace of it from their Facebook accounts and remove the permissions the third-party applications have gained.