Facebook, your birthday #1, and survey scams

A couple of weeks ago, some of my Facebook friends were putting up messages telling the world what was number one in the charts the day they were born and in some cases providing a link to a video. While it was depressing to realize how young so many of my friends were – I was born at a time when there was no official chart in the UK, at any rate for recordings as opposed to sheet music – I didn’t see any real harm in this particular “status game”.

(Though it’s always a good idea to be cautious about accessing links to YouTube videos and the like: sometimes that link isn’t to the resource or site it appears to point to. Yes, I know, my job title should be Career Sceptic and Professional Killjoy.)

While I’m always on the lookout for Facebook memes* that might be used for malicious purposes, this one wasn’t specific enough about the poster’s birthdate to be a likely part of a data aggregation attack** – even a short-lived chart topper is going to be there at least seven days – and there was no app or weblink referenced.

However, it turns out that there is a malicious app that uses the same meme to implement a survey scam. Facecrooks, a useful site for tracking this sort of stuff, reports that it’s spreading very successfully via a status post that reads something like this:

“The number one song when I was born was – Greensleeves – Henry VIII and The Executioners (not really!) – Find Your Birthday Song Here [malicious link]”

It also displays a colourful graphic of a cassette tape: for my younger readers, that’s an almost-obsolete recording medium that looks something like this. Yes, I still have dozens of them: isn’t that sad?

Sadly, the link “on.fb.me/itsmysong” isn’t, in fact, to your song but to a survey scam which has already accumulated over a hundred thousand Likes, which must be quite profitable for the scammers. They don’t even give you a link to one of the many harmless sites that do give you this kind of information, if you still want to play that FB status game without spamming your friends with a malicious link. Here’s one that seems genuine, passed on by one of Facecrooks’ readers: http://www.thisdayinmusic.com/birthdayno1 allows you to enter the date and you can choose to check which song was number one on that date in the US, UK or Australia.

* A meme is defined by Merriam-Webster as “an idea, behavior, style, or usage that spreads from person to person within a culture.” That’s a pretty dry summary of the extraordinarily interesting concept of a “unit of cultural transmission” analogous to the gene as a “unit of biological inheritance” as described by Richard Dawkins, so here are a few more references in case it’s not a concept you’re familiar with.

** A data aggregation attack is one where an attacker inconspicuously accumulates snippets of information about you that he can use to gain access to (for example) account credentials, or even for a more comprehensive case of identity theft. The possible use of some other Facebook memes in such an attack is something I’ve actually talked about at more length in a forthcoming article for Virus Bulletin. I’ll flag it here when that issue comes out.

ESET Senior Research Fellow

Author David Harley, ESET

  • Bob

    Thanks for the update David. I was always suspicious of this link. Just as an interesting side note, my twin cousins ran this link and each got a different #1 song for their birthday week. They don't even bother to give accurate info while collecting data. A total waste of time…especially when the web provides accurate info about the hit songs.

  • Kate

    How do I stop them spamming my facebook page now? Any ideas? Kate

    • David Harley

      Unfortunately, while there’s lots of advice around on defending your own account and not falling for these things, I can’t think of a convenient and fully reliable way to protect your Facebook page from unintentional spamming by your friends when they do. Sometimes it’s easier to defend against your enemies… :(

Copyright © 2017 ESET, All Rights Reserved.