Spammers are targeting Facebook photo albums

Facebook photo spam

Over the past few days I’ve noticed ads inserted into my Facebook feed. Of course, “Sponsored Ads” are nothing new, but these new ads appear as photographs in which one of my Facebook friends has been tagged by one of their friends. The photos are added as a new photo album to the unsuspecting Facebook user’s album set. Then a number of photos are tagged with that user’s friends. Each of the user’s friends is tagged in the very same spot in the photograph, which should be a good clue to Facebook that the photo is suspicious.

It seems that typically about 5 people will be tagged in these spam photographs, even though spammers might possibly have access to more of the victim’s friend list. I suppose that one photograph containing, say, 600 tags might draw suspicion from Facebook’s anti-spam measures, so it’s possible that the perps limit tags to small batches for this reason. This is all speculation, however. Tagging a photo is a way to ensure that everyone thusly tagged sees the photo in their Facebook timeline.
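The same-spot clue described above can be turned into a simple check. The following is an added example, not code from this post or from Facebook: the `Tag` record, the percent-based coordinates, the thresholds and the sample data are all assumptions made for illustration.

```python
"""Flag photos whose tags for different people are stacked on one spot."""
from collections import defaultdict
from dataclasses import dataclass
from math import hypot


@dataclass(frozen=True)
class Tag:
    user: str   # tagged account (hypothetical identifier)
    x: float    # tag centre, percent of image width (assumed format)
    y: float    # tag centre, percent of image height (assumed format)


def stacked_users(tags, radius=1.0):
    """Largest set of distinct users whose tags lie within `radius` of one tag."""
    best = set()
    for anchor in tags:
        near = {t.user for t in tags
                if hypot(t.x - anchor.x, t.y - anchor.y) <= radius}
        if len(near) > len(best):
            best = near
    return best


def suspicious_photos(photos, min_users=3, radius=1.0):
    """Map photo id -> stacked users for photos where at least `min_users`
    different people are tagged on the same spot. The default threshold is
    low so that small batches of about 5 tags are still caught."""
    hits = {}
    for photo_id, (_album_id, tags) in photos.items():
        users = stacked_users(tags, radius)
        if len(users) >= min_users:
            hits[photo_id] = users
    return hits


def suspicious_albums(photos, min_photos=2, **kw):
    """Albums in which several photos show the stacked-tag pattern."""
    per_album = defaultdict(list)
    for photo_id in suspicious_photos(photos, **kw):
        per_album[photos[photo_id][0]].append(photo_id)
    return {a: sorted(p) for a, p in per_album.items() if len(p) >= min_photos}


# Constructed sample data: photo id -> (album id, tags).
SAMPLE = {
    "p1": ("spam_album", [Tag(f"friend{i}", 50.0, 50.0) for i in range(5)]),
    "p2": ("spam_album", [Tag(f"friend{i}", 50.0, 50.0) for i in range(5, 10)]),
    "p3": ("holiday", [Tag("ann", 20.0, 35.0), Tag("bob", 48.0, 30.0),
                       Tag("cy", 75.0, 40.0), Tag("ann", 20.0, 35.0)]),
}
```

Counting distinct users rather than raw tags means one person tagged twice in a genuine photo (as in `p3`) does not trigger the check.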

Facebook photo spam

The fact that the supposedly public photo does not appear on the poster’s timeline strongly suggests this is a hack. Well, that and the fact that spammers are involved. The shady business I’ve seen advertising through this hack is a China-based company at the website www.rbgap.com, purporting to sell “authentic” Ray-Ban sunglasses.

Facebook ads are a cash cow for Facebook, so hackers are absolutely going to do whatever they can to get a piece of this action. It appears that they are exploiting an information leak or flaw in Facebook to create their own advertising revenue stream.

An album of the spam photos has been added to the unsuspecting user’s account

I don’t know at this point if this is a problem with Facebook’s security or if the affected users secured their accounts using poor passwords.