A new Facebook app which claims to show users who is stalking them, generates spam messages promoting the tool to victims’ contacts on the social networking site.
The pages list down certain instructions the user must follow to use the “stalker tool”. The instructions include copying a certain script and pasting it into the browser address bar.
The technique is similar to a scheme launched last year, which used the lure “10 lies girls ALWAYS tell guys! Funny!” In this case, the lure may be different but the effect is the same. Once users copy the script into their address bar, their Facebook account is accessed by the script and then used to spam messages that promote the tool.
The messages appear as either wall messages or direct messages. The JavaScript-based applications have names such as “profile view” and “creepers”.
Users hoodwinked into using the tool do not find out who might be stalking them.
The vulnerability of Facebook to such attacks is one of the major downsides of the site, which is now used by thousands of brands to keep in touch with consumers.
Earlier this year, brand owners with Facebook pages were warned about a new virus spreading across the social networking site, that encouraged potential users to download a malicious file.
The virus, which uses a photo album chat message, began spreading across the site over the weekend, with victims prompted to click a “View Photo” button.
Related stories
Brands warned over Facebook bug
Facebook acts after hack attack
