Facebook domain type-in hack

2009/07/24

You know the drill: open the browser, open a new tab, type ‘www.facebook.com’, and in a moment you can see which of your online buddies is up to something interesting. This is exactly what I did. Only I did not end up on the well-known Facebook page, but on something really fishy:

Picture 3

This is definitely NOT Facebook. How come I ended up on the ‘quiz.us’ site when I typed in http://www.facebook.com? Or did I? Let’s do it again:

Picture 2

Do you see the problem? It is the URL. Instead of the real http://www.facebook.com, it is http://www.facebok.com. Easy to overlook. Modern browsers make our life easier by suggesting domain names, and ‘facebok’ comes before ‘facebook’ alphabetically. That is more than enough to catch many lazy users, like myself.

These guys, quiz.us, were obviously not Facebook related, and judging by their pages’ behaviour, they were up to no good.

After I clicked on ‘Skip this offer’, it opened up another window and did several redirects and reloads.

Picture 4

The new window tried really hard not to let itself be closed easily: annoying pop-ups, deliberately confusing wording around OK and Cancel, more pop-ups.

Picture 7

Picture 5

The “company” is registered in Florida, US; as the WHOIS record told me, it is named “Moniker Online Services”, with the technical contact ‘Moniker Privacy Services’. I am not sure what they really are, but what their pages try to achieve is certainly a disservice to anybody’s privacy.

Lesson learned: use trusted bookmarks, do not click on combo box suggestions.

At least not while there are so many kinds of filthy internet vermin around. Facebook attracts so many new users who are not very experienced in the dirty tricks that spammers, phishers and hackers use. Spread the word and help your friends avoid pages and companies in the business of phishing and deception.