Facebook Black Makes Social Networks See Red

November 14, 2012 Sophos Press Release

A scam saying that Facebook users can change their profile pages to have a black, rather than the trademark blue background is spreading widely on the popular social network. This scam is being spread by images on newsfeeds and by event invitations that appear to be sent by users’ friends. IT security and data protection firm Sophos is warning users to think twice before clicking on these links, otherwise they could be helping scammers to earn money and spread the scam further.

When Graham Cluley, senior technology consultant at Sophos, investigated this link from a test account, he was bounced through a few website redirects before ultimately landing on a page entitled “Change your Facebook Color”. This page automatically ticks the box saying that the user accepts the page’s terms and conditions, and tells them that they need to take part in an online survey before they can turn their Facebook profile black. The scammers will be earning money for the number of respondents they can entice to complete these surveys.

“It’s interesting to see that the scammers behind this particular campaign have clearly dusted off some webpages they used in previous scams, as several point towards past campaigns such as the ‘Remove Your Facebook Timeline*’ scam from earlier this year,” said Cluley. “Unfortunately, many Facebook users will be too excited about the prospect of perhaps changing the look and feel of Facebook that they will not spot suspicious clues.”

“If users have mistakenly clicked on links or accepted invitations as part of this scam, they should remove all offending messages, photos and ‘likes’ from their account, check that they’ve not authorised a rogue app to access their account – from where it could steal information or post without asking permission – revoke any rogue app’s publishing rights, and report it as spam to Facebook.”

For more information on this Facebook scam, visit Sophos's Naked Security site at: http://nakedsecurity.sophos.com/2012/11/14/facebook-black-scam/