Facebook redirects: Be on your guard

Browser redirection is a technique that, as its name suggests, points your browser to a different page. It may sound tame, but browser redirection can be a powerful tool when used maliciously, such as when users try to go to a popular site like Facebook only to be redirected to another site that installs a virus on their computer.

The fact that redirection happens right after you click a legitimate link or type a legitimate address into your browser’s address bar makes it a subtle method that can catch even the most security-aware off guard. It gets worse when conducted in a content-heavy social networking site like Facebook, which is exactly what cybercriminals are doing.

In a recent example of cybercriminals using redirectors in malicious Facebook campaigns, users were spammed a link to a fictitious music player update via messages and wall posts.

Once clicked, the link redirects users to a site that urges them to follow several steps led by copying a particular snippet of code onto their browser address bars. This malicious script, know as JS_FBJACK.B, accesses users’ Facebook friends list and bombards their contacts with messages containing links that redirect to a scam site that asks them to give out personal information.
Careful examination of attacks like this shows two to three tactics utilized at once to deliver malicious payloads. In this particular case, the cybercriminals used three tactics – a social engineering lure in the form of an on-site soundtrack player for Facebook, a redirector, and a scam site page to phish personal details from victims. The end result? The user’s personal data landed on the cybercriminals’ eagerly waiting laps. This data can be used to cause all sorts of damage to victims, including identity and/or financial theft.


About SCB Enterprises
System Solutions and Integration

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: