OK – so there is a “Facebook Social Reader” for Digg – but “Facebook Social” is a neatly confusing invention of pharmacy spammers. The description of the new service seems to have been lifted more or less from the description of the Reader. The email welcomes users to the new service and invites them to “view profile details”:
The links in the email lead to compromised websites – in the sample above the site “itsnotenoughtodreamforum.com” has been hacked. The same URL folder structure is used as in the Facebook password reset outbreak reported last week, suggesting that the same gang is behind this new attack (using the Facebook name obviously guarantees a good open-rate). Scripts hidden on these sites redirect users to the destination pharmacy site – the “Toronto Drug Store” (which apparently is an “essential part of the Canadian RX Network”).
Email text:
Thank you for registering with us at Facebook Social. We look forward to seeing you around the site.
Your profile has two different views reachable through clickable tabs:
• View My Profile: see your profile as your network does
• Edit My Profile: edit the different elements of your profile
View profile details.
What is Facebook Social Share?
Enable Facebook social sharing, and share your Digg experience with your Facebook friends. Let your friends see what you’re reading as you discover the best news around the web. Click the Social button to turn this off.