Jeff Duntemann's Contrapositive Diary

Spam Supposedly from Facebook Friends

As mysteries go this was small change, but I stumbled across its solution earlier today: spam nominally from Facebook friends. I’ve been getting a recognizable species of link spam every day or two for a couple of months now. The From: field always contains the name of someone I know. The From: email address, however, is unknown to me and does not belong to the person named. The Subject: field is short and nondescript, like “Hello”. The body of the message is brief and follows this form:

super http://spammityspam.spam/goosebrow/53zappovat/

11/21/2012 10:33:27 AM

The From: email address is always a gobbledegook address from a big email service like Hotmail or AOL. There may be two or three words before the link, but no more than that. The link destination is different every time. I don’t know, don’t care, and don’t intend to find out what’s at the other end of the links.
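A detection heuristic for the pattern just described, added here as an example and not code from the post: it parses a raw message with Python's email module and flags mail whose From: display name matches a known contact while the From: address is not the one held for that contact, and whose body is at most three words followed by a single link (optionally a timestamp line). The address book, contact names and sample messages are constructed for the demonstration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed address book (an assumption, not the author's data): display name ->
# the address we actually hold for that person. None marks a friend we never had mail from.
KNOWN_CONTACTS = {
    "Jane Doe": "jane@example.org",
    "Bob Roe": None,
}

# Body shape from the post: up to three short words, one link, optionally a timestamp line.
BODY_RE = re.compile(
    r"^\s*(?:(?!https?://)\S+\s+){0,3}https?://\S+\s*"
    r"(?:\d{1,2}/\d{1,2}/\d{4}[^\n]*)?\s*$"
)

def plain_body(msg) -> str:
    """Return the text/plain body of a parsed message, or '' if there is none."""
    if not msg.is_multipart():
        return msg.get_payload()
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            return part.get_payload(decode=True).decode("utf-8", errors="replace")
    return ""

def is_friend_name_spam(raw_message: str) -> bool:
    """True when the From: display name is a known contact, the From: address is not
    the one we hold for that contact, and the body is just a few words plus a link."""
    msg = message_from_string(raw_message)
    name, addr = parseaddr(msg.get("From", ""))
    if name not in KNOWN_CONTACTS:
        return False                      # nobody we know is being impersonated
    known = KNOWN_CONTACTS[name]
    if known and addr.lower() == known.lower():
        return False                      # address matches the real contact
    return bool(BODY_RE.match(plain_body(msg)))

# Constructed sample messages; the link is the placeholder URL quoted in the post.
SPAM = ("From: Jane Doe <qx7z9k1@hotmail.example>\nSubject: Hello\n\n"
        "super http://spammityspam.spam/goosebrow/53zappovat/\n\n11/21/2012 10:33:27 AM\n")
LEGIT = ("From: Jane Doe <jane@example.org>\nSubject: Hello\n\n"
         "super http://example.org/photos/\n")

if __name__ == "__main__":
    print(is_friend_name_spam(SPAM), is_friend_name_spam(LEGIT))   # True False
```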

I first assumed that someone I knew had gotten his or her address book hijacked by a trojan, which has long been a common practice when a machine is hacked. The interesting thing was that many of the people didn’t know one another at all. (I asked a few of them.) My next thought was that my own address book had been hijacked, except that two other people (out of eight or nine spams that I had tucked away to examine) were folks for whom I did not have and never had an email address. It took a while for me to realize that the only common element was their presence in my Facebook friends list.

Bingo.

I sniffed around and found a nice description of the problem on CNET. In short, there was a Facebook vulnerability that allowed a scraper to lift the names (but not the email addresses, nor any private information) from my Facebook friends list. Facebook has fixed the vulnerability, or claims to have fixed it. Facebook being Facebook, however, I’m sure there are plenty of others down there in the morass.

Given that over half of the posts in a recent sample of my friends feed today were idiotic or hate-filled images (many images consisting solely of words, which is idiocy cubed, and sometimes words too small to read, which is idiocy to the seventeenth power) I wonder sometimes why I bother.

4 Comments

  1. Given that over half of the posts in a recent sample of my friends feed today were idiotic or hate-filled images (many images consisting solely of words, which is idiocy cubed, and sometimes words too small to read, which is idiocy to the seventeenth power) I wonder sometimes why I bother.

    That, in a nutshell, is why I don’t. I looked at facebook, and decided I didn’t want to spare the SAN points. (Sanity points were a staple of the Call of Cthulhu Role Playing Game, apparently).

    -JRS

  2. Well, it was supposed to put the quote in a quote block…

  3. Jack Tanis says:

    As of today, 12.12.12, it still is occurring routinely.

  4. Tim Spofford says:

    Still continuing as of today. My thought process tracked yours almost exactly but it wasn’t until today that I realized – after getting one from yet another acquaintance – the common element was Facebook. That led me quickly to the CNET article, and this one.
