A clever new social engineering hack is designed to get unsuspecting Facebook users to divulge personal information to cyber crooks.


According to Graham Cluely’s popular blog at the Sophos Internet security site, a rogue Facebook application called Error Check System is sending false error notifications to users, asking them to click on a link to ‘View The Errors Message’.

But, as Cluely reports:

Of course, there was nothing really wrong with the recipient’s profiles and the misleading notifications were an attempt by a third party Facebook application to recruit more users, and — potentially — steal personal information from profiles.

… ‘Error Check System’ is not the only Facebook application to try and increase its popularity by sending messages to your friends and family — but it is particularly sneaky presenting itself as an error message about the recipient’s profile.

Cluely’s blog entry includes instructions on how to remove the rogue application from your Facebook account.

But that’s not the end of the story…

It seems that the authors of  ‘Error Check System’ — or third-party baddies attempting to take advantage of the situation — have posted rogue Web sites which, if followed from a search engine results list for ‘Facebook Error Check  System’, take unsuspecting surfers to bogus virus scan sites which actually install trojan bugs on their systems.

Cluely warns that those bugs can recruit your computer to a bot net which, in turn can make your system a springboard for infecting other computers or a base from which cyber crooks can broadcast spam.

So… Beware random search engine results when seeking information on the ‘Error Check System’ bug and go direcftly to a recognised Internet security resource, such as the Sophos site or the online headquarters of your favourite Internet security suite.

Leave a Reply