I have a social media account but use it very little, and only with family and friends. So when a complete stranger named “Abbie Damours” recently “liked” a post I had shared publicly back in February, 2017 I found it very odd and suspicious… Red flag #1.
Her “like” for my 2017 post felt very suspicious, but I couldn’t resist exploring! So I began by clicking the link to Ms. Damours’ social media page only to discover that the lovely Ms. Damours has no friends or posts in her social media account. Red flag #2.
When I clicked to open her “About” page it was completely empty. Red flag #3. Clearly, this “like” was meant to draw us to slaughter, not to make a new friend or invite us into a conversation.
Further investigation informed me that Abbie Damours had recently updated her profile picture. When I checked out that update I found a link that appeared to be to her “private photos” on a tumblr account. Private photos? Hmmmmmm…..that would suggest photos of a “different” nature. Most of us are likely thinking porn, and that is clearly what Ms. Damours meant to suggest, especially when you look at her name and see that it contains “amour.” (“my love” in French!) However, being the suspicious fellow I am, I took that to link to mean a malware trap disguised as personal private photos….
Screenshots of Ms. Damours Tumblr page confirmed the “ruse” that “she” had posted nude photos (and video) for me to visit. But my suspicions about the real intention of this “like” were rock solid. They were confirmed when I was unable to mouse-over the links on Ms. Damours Tumblr page to reveal where they pointed! The web page was coded in such a way as to completely disable a mouse-over. There is only one reason why someone would code a page this way… he didn’t want us to see where the link will send us. However, it didn’t take me long to find another way to show that the links on this Tumblr page pointed to a website called sveta[.]sexnow[.]site.
Again, don’t assume that this is nothing more than an invitation to view adult content. It isn’t! Using our usual assortment of online tools, I was able to easily show that malware was waiting for me, along with at least one more redirect to another questionable porn website. The lesson here should be obvious all, online deception is a chronic problem and cybercriminals have a very large playbook of tricks to try to fool us into installing the tools of their trade.