Free iPhone Rogue Applications Run Riot on Facebook, warns Sophos

Offer of a ‘free iPhone’ tempts Facebook users into allowing access to their profiles

MUMBAI / BANGALORE, India – October 6, 2010 – IT security and control firm Sophos is warning Facebook users about messages currently circulating on the social network claiming that friends have received free iPhones.  These messages, which have been spreading widely since Sunday, invite others to participate in the scheme; however the messages are being sent by rogue applications that users have allowed to access their profiles and post messages to their walls.

Messages appear as status updates and many read:

“Just testing Facebook for iPhone out 😛 Received my free iPhone today, so happy lol… If anyone else wants one go Click here”


“Anyone want my old phone?  Claimed my free iPhone today, so happy lol… If anyone else wants one go Click here”

Facebook users who click on the link advertised by their friends are then asked if they want to ‘Allow’ this application to access their basic information.  Participants who allow this are then redirected to a webpage which will earn commission for the spammers behind the scam.

If you’ve fallen for this trick, I wouldn’t hold your breath waiting for a new iPhone,” said Graham Cluley, Senior Technology Consultant at Sophos.  “Facebook users need to learn to think before they ‘like’ and ‘share’ suspicious pages on Facebook.  Just because something appears on a friend’s wall, it doesn’t mean that it is from a reliable source, and by giving unknown applications access to your Facebook page, you could unknowingly continue to help to spread scams and earn cash for the spammers.

Impacted users should delete references to the free iPhone scam from their wall, and remove the offending application from Account/Application Settings.

# # #

About Sophos

More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use, and that deliver the industry’s lowest TCO. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs—a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards. Sophos is headquartered in Oxford, UK and Boston, US. More information is available at


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s