Hold me, thrill me, poke me

Online social scams inspired by real-life gestures get our imagination worked up. Warning: this article will (hopefully) turn you into real doubters of the “online bonding” myth.

While some parts of your interaction with the online community of your choice are only possible because of the virtual environment they take place in (wouldn’t dream of having a real-life piglet delivered to your best friends’ door with a note saying “It’s lost, the poor thing and it’s got your name on its collar”. Would you?), others are reminiscent of real-life situations.

Take the “poke” function. It involves a lot of imagination both from the sender and from the recipient, as the two have to picture, in their minds, the actual gesture, the context, its meaning, etc. Plus, it’s completely gratuitous. It’s not asking “Whadup!”, it’s not requesting anything…it’s just letting the other know you’re there in mute mode.

Ok, now, let’s not get overwhelmed by the manifold significance of “poke”.  At least not yet. The Malfoys of social communities add a new layer to the “poke cake”  (with cherry on top) and create a nice scam that’s not very different from its other “see how many” siblings. To cut a sinuous description short, there you have it: now they’re offering you the possibility of seeing how many people have poked you on Facebook.

Niiiiiiiiiiiiiiiiice! We’ve got ourselves a new toy. NOT! Click the link and you’ll land on our…..oops, I was about to say FRIEND…Rewind. Click the link and you’ll land in our old acquaintance, the permissions page’s backyard.

This one’s a keeper for the scam memorabilia museum. Why? Exhibit A: “Send me e-mail” permission. This means that you’ll be handing your e-mail address on a silver plate to all those who want to send you tons of spam. It’s valid, it’s frequently used and it can be easily correlated with other info in your Facebook account so that you get not just any ads, but targeted ones. Don’t you feel like hugging your e-mail address right away?

Exhibit B: the “Manage my pages” permission. What does it do? Well, it allows the spammer to gain access to you Facebook page and use it to spread more spam. The spammer will also have access to the insights data corresponding to your page, which will make it easier for him to assess your page’s potential outreach. All that with one click? YEAH!

 So, now we’ve got our mental hands (see what I did here?) on one of the online Malfoys’ source of inspiration. How about it if we just get one step ahead of them and make a prediction about other social scams that could be inspired by real-life gestures.

Ladies and gentlemen, the nominees in the non-existent, but potentially successful “Hold me, thrill me, poke me” category are:

1. See who stepped on your toes in the past decade. Click here to access the all mighty toe stepping counter!
2. See how many times you’ve been slapped since you joined Facebook. Click here to compare your results with those of your friends.
3. OMG! This boy decided to eat his veggies after someone hit him in the….backroom of his mother’s house!
4. I got punched in the face 34,789 times since I decided to publish embarrassing photos of my friends on my fb account. See how many times you could get punched! Click here.
5. “I shook hands with the King of Internet today”. Copy and paste this text in your status, then copy and paste this nice piece of code into your browser and then go to sleep. A miracle WILL happen!

Don’t forget that BitDefender safego is there to help you figure out how much of the online social bonding is genuine or not. Smart and safe sharing, everyone!

This article is based on the technical information provided courtesy of George Petre, BitDefender Threat Intelligence Team Leader

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.