Yesterday, we reported that the Twitter DM leads to a phishing attack. It seems like cyber criminals using the compromised accounts to spread their survey scams.
Today, GFI Labs come across another variant of this Twitter DM attack. This variant reads "did you see your pics with her [Facebook_app_link]"
The provided link is a valid facebook app address which executes a php script. Once the script is executed, users are redirected to a fake facebook page where it displays a event with a title "Apple iPad 3s Quality Test – Looking for participants"
"To Participate in our iPad-2 quality test please Click Here.Once users click the link , he will be redirected to a survey scam page if you are from US or UK. Otherwise , it will redirects you to an ads displaying site.
All participants will receive a free ipad-2 after sign up. Participants will be required to submit a final product review after two weeks of optimal product use." The description reads.