ALERT: New Facebook Revolving Images Scam Spreading

Version 1

    A new scam is spreading through Facebook via the use  of small javascript code snippets which users are enticed to enter in  order to reveal a “Facebook revolving images” feature.

    For those interested in how the exploit works, it’s relatively straight  forward.  The user is promised a “revolving images” feature as pictured  below.  All they need to do is copy and paste a piece of javascript into  their browser.  While they do receive random revolving images of their  friends, in the background the script goes to find their “Email Upload  Address” (found here).

    Revolving Images Screenshot

    Right now the scam appears to be spreading via the following sites:

    While the damage is currently limited, Aditya Punjani, a developer, sent a code  which illustrates how the new exploit can produce greater damage.   While this scam doesn’t appear to be generating any massive damage,  limiting updates to users’ statuses, this could evolve into a bigger  scam over time.  We’ll be interested to see how this evolves.

    Make sure not to click any of the links which offer the “Facebook revolving images” feature!



    reference: 10-11