Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Facebook 'Virus' Warning - Girl in a Plaid Skirt

Outline
Message circulating rapidly on Facebook warns users to watch out for a post showing a girl in a plaid skirt because it is a virus.



Brief Analysis
The threat described in the warning is a typical rogue app survey scam. It is NOT a virus. Although the threat described is real, posting this inaccurate warning about it is unlikely to be helpful. (Please read detailed analysis below for more information).

Bookmark and Share
Detailed analysis and references below example.



Last updated: 10th July 2011
First published: 10th July 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Example
SOMEBODY IS POSTING PICS OF A GIRL IN A plaid SKIRT( It looks like she might be doing a Hoola Hoop UNDER PEOPLES NAMES .. DON'T OPEN IT!!! IT'S A VIRUS!!! KEEP REPOSTING THIS.. WE NEED TO PROTECT OUR FRIENDS AND ELIMINATE THIS JERK THATS DOING THIS, click on it to report as spam

Girl in Plaid Skirt Virus Warning




Detailed Analysis
According to yet another breathless “ALL CAPS” warning that is rapidly moving around Facebook, users should watch out for a post depicting a girl in a plaid skirt because it is a virus and should not be opened. The warning asks recipients to keep reposting the information to help protect other Facebook users.

The warning is derived from a genuine security threat, but is nonetheless quite inaccurate and misleading in its current form. The threat described is not a virus. In fact, it is a typical rogue application survey scam like a great many others that have targeted Facebook users.

Posts like the one in the following screenshot have recently been spammed out to many Facebook users:

Sweet Girls Rogue App

Those who click on the link in the spam message will be taken to a Facebook application page where they are asked to give permission for the app to access their information and that of their friends as well as post to their wall. If users proceed and give permission, copies of the spam message are automatically reposted in their names. Users are then taken to a fake video page that supposedly shows web cam footage of the girl in the plaid skirt. However, before the video can be viewed, the users are told that they must complete a survey as a means of "verifying" that they are not spam bots.

Clicking the survey links takes you to spammy third party survey sites that try to trick users into signing up for absurdly expensive SMS "services", ostensibly as a means of getting survey results or going in the draw for a prize. Some of the "surveys" or "offers" may try to trick users into downloading spyware applications or providing address and contact information that may be subsequently used by spammers. And, every time that a user completes one of these surveys, the scammer who created the app will earn a commission for his trouble.

This "plaid skirt" survey scam is very similar to earlier attacks such as the "Photo U Got Tagged In" rogue app that targeted Facebook users in March 2011 and the BBC News Check What She Did on Cam survey scam that hit Facebookers in April 2011. In fact, several other incarnations of the scam have surfaced in recent months and more are sure to follow.

Thus, the advice in the warning not to open any of the “Plaid Skirt” messages is worth heeding. That said, to be worthwhile, computer security warnings need to contain, accurate, verifiable and up-to-date information. Unfortunately, warning such as the one above tend to circulate pointlessly for months or even years after the threat they describe has disappeared. In this case, it appears that the particular rogue app that the message warns about has already been taken down, although other similar versions may follow. Reposting misleading "warnings" that inaccurately describe rogue app survey scams - for example by calling them "viruses" which are a totally different type of security threat that requires a totally different response strategy - is likely to be unhelpful and ultimately counterproductive. Rather than continue to circulate such warnings, Facebook users would be much wiser to warn others about rogue app survey scams in general.

If you do get tricked into installing a rogue application on Facebook, go to "Account" > "Privacy Settings" > "Apps and Websites" > "Edit your settings" and go into the "Apps you use" settings. From there you should be able to remove the offending application.

Bookmark and Share References
Photo U Got Tagged In Rogue App
Facebook Rogue App Survey Scam - BBC News Check What She Did on Cam



Last updated: 10th July 2011
First published: 10th July 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer