Here's an interesting twist on the usual fake profile invites I regularly receive on Myspace.
Normally, you click the link and are taken to a standard fake profile advertising webcams or something of a similar nature. If you refresh the page, you'll see the same content - just like a regular Myspace profile. Well, in this case the code used by the bad guys means the page is no longer static. Refreshing the spam profile will endlessly cycle through a whole raft of fake overlays and images:
All of the above pop up on the profile link I was sent (you can see the URL remains the same in each screenshot).
How do they do it? Well, they're overlaying the profile page with a large clickable image, a common tactic that was used in the Myspace band hacks from a while ago. Here's the code:
In other words, a random image (made to look like a Myspace profile) is served from here:
free-hotwebcam(dot)com/Images/00110/KKD90g4aKKXNSTKhUvj04RO7WQDhw(dot)jpg
And clicking it will take you here:
snurl(dot)com/20h89-holo
Which redirects you to
privaterooms(dot)biz/t-main027(dot)html
...before finally leaving the end-user at the eventual destination of teen(dot)livecamfun(dot)com. The curious thing is, why would you bother to make your spam profile pages dynamic in this way? Once you've seen one, you leave it and don't go back. I can't imagine someone revisiting the page simply because the images keep changing...
Leave a comment