You Are Here: Home » E-Threats » Yet Another Miley Cyrus Sex Tape Kicks Tagjacking Back into Shape; Authentication Tokens Snatched through ‘Copy/Paste Code’ Classic

Yet Another Miley Cyrus Sex Tape Kicks Tagjacking Back into Shape; Authentication Tokens Snatched through ‘Copy/Paste Code’ Classic

A Facebook post made to resemble a breaking news announcement about a Miley Cyrus sex tape brings tagjacking back into the social scam spotlight.

The huge thumbnail propagating the scam displays a closeup of the singer, apparently in a state of rapture. The news crawler aims to hit it big with the leaked tape announcement by throwing in the “minor” detail of the “millions of men [having] called in sick after seeing it”. However, the fine print accompanying the shared image – “omg I lost all respect for her now”- is one of the classic lines of leaked sex tape scams and might prove counterproductive.

By clicking the image, users are taken to a web page where the video appears to be hosted.

When trying to play the clip, users are requested to first prove that they are not underage.

Here, again, we are dealing with the well-known, if not utterly obsolete, “copy/paste code” method whereby the scammer aims to steal the victim’s Facebook authentication token. This grants the scammer temporary access to the targeted Facebook account, including the victim’s list of friends.

To add boredom to injury, so to say, once you reach this stage you are invited into the much abused (by now) quiz maze, which kindly helps you waste a lot of time and, if willing, even money.

At the end of this unfruitful journey, those who have given in to temptation will see their deeds shamelessly exposed on their Timelines under the form of automatic posts in which all of their friends will be tagged. The stolen authentication tokens are put to excellent use and the scam circle can go round and round.

 This article is based on the technical information provided courtesy of Steliana Goga, BitDefender Online Threats Analyst.

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.

 

About The Author

Ioana Jelea has a disturbing (according to friendly reports) penchant for the dirty tricks of online socialization and for the pathologically mesmerizing news trivia. From gory, though sometimes fake, death reports to nip slips and other such blush-inducing accidents, her repertoire is an ever-expanding manifesto against any Victorian-like frame of thought that puts a strain on online creativity. She would like to keep things simple, but she never does.

Number of Entries : 162

Comments (10)

  • Selva

    Check another variant of this spam that ask users to verify their account :

    http://www.ehackingnews.com/2012/10/verify-your-facebook-account-spam.html

    Reply
  • lola maxx

    Who would be stupid enough to actually think that is miley?!

    Reply
  • ksk

    Just an FYI for you as an author. I’ve never clicked on anything that’s too titillating or too good to be true. (I’ll sometimes google to find out what might be behind an interesting looking link, which is how I ended up finding your writing.) Because I haven’t clicked into traps, many of the experiences that are boring to you (such as the “quiz maze” referenced in your article) are completely unknown to me as a reader. Yes, I can google, but unless I’m avoiding work (like now) I’m not likely to do so. Maybe you could expand some definitions in your articles? Or link to a defining article?

    Reply

Leave a Comment

© 2012 Powered By Bitdefender

x
Loading...
Scroll to top