A couple of weeks ago, some of my Facebook friends were putting up messages telling the world what was number one in the charts the day they were born and in some cases providing a link to a video. While it was depressing to realize how young so many of my friends were – I was born at a time when there was no official chart in the UK, at any rate for recordings as opposed to sheet music – I didn’t see any real harm in this particular “status game”.
(Though it’s always a good idea to be cautious about accessing links to YouTube videos and the like: sometimes that link isn’t to the resource or site it appears to point to. Yes, I know, my job title should be Career Sceptic and Professional Killjoy.)
While I’m always on the lookout for Facebook memes* that might be used for malicious purposes, this one wasn’t specific enough about the poster’s birthdate to be a likely part of a data aggregation attack** – even a shortlived chart topper is going to be there at least seven days – and there was no app or weblink referenced.
However, it turns out that there is a malicious app that uses the same meme to implement a survey scam. Facecrooks, a useful site for tracking this sort of stuff reports that it’s spreading very successfully via a status post that reads something like this:
“The number one song when I was born was – Greensleeves – Henry VIII and The Executioners (not really!) – Find Your Birthday Song Here [malicious link]“
It also displays a colourful graphic of a cassette tape: for my younger readers, that’s an almost-obsolete recording medium that looks something like this. Yes, I still have dozens of them: isn’t that sad?
Sadly, the link “on.fb.me/itsmysong” isn’t, in fact, to your song but to a survey scam which has already accumulated over a hundred thousand Likes, which must be quite profitable for the scammers, who don’t even give you a link to one of the many harmless sites that do give you this kind of information, if you still want to play that FB status game without spamming your friends with a malicious link. Here’s one that seems genuine, passed on by one of Facecrook’s readers: http://
* A meme is defined by Merriam-Webster as “an idea, behavior, style, or usage that spreads from person to person within a culture.” That’s a pretty dry summary of the extraordinarily interesting concept of a “unit of cultural transmission” analogous to the gene as a “unit of biological inheritance” as described by Richard Dawkins, so here are a few more references in case it’s not a concept you’re familiar with.
** A data aggregation attack is one where an attacker inconspicuously accumulates snippets of information about you that he can use by way of gaining access to (for example) account credentials, or even for a more comprehensive case of identity theft. The possible use of some other Facebook memes in such an attack is something I’ve actually talked about at more length in a forthcoming article for Virus Bulletin. I’ll flag it here when that issue comes out.
David Harley CITP FBCS CISSP
ESET Senior Research Fellow
Author David Harley, ESET