It’s pretty well documented that Facebook users are adverse to change. Good changes, bad changes – it doesn’t matter. Any tweak that Facebook makes is sure to infuriate a variable portion of the population. Seriously, people bitched about the News Feed when it debuted years and years ago.

So, holding true to the any change is bad truism, the Timeline is not universally popular. Although (an unscientific friend study tells me that) it’s not even close to the most unpopular shift that Facebook has ever made, it definitely has its detractors. And Facebook Timeline hatred is fertile ground for malicious, spammy apps.

Scammers are taking advantage of some users’ desire to revert back to the old profile and do away with the Timeline. Numerous pages and apps have popped up in recent weeks that claim to be able to deactivate the Timeline. The pages ask users to click like buttons, share things with friends, etc.

But of course, all of this work fails to lead to the removal of the Timeline, but instead allows scammers access to user data as well as the ability to spam the hell out of their friends.

Here’s one of the many pages that tout deactivation services. As you’ll see, the steps that it asks users to complete are pretty ridiculous – but you’ll also notice that nearly 7,500 people have participated.

Inside Facebook says that they have spotted 16 Timeline-related scam pages totaling more than 71,000 likes. Many of these pages and apps appear on the first page of results for the phrase “timeline.”

Of course, not all of the pages look as “legit” as the one above. Even this page has managed to get 2,500+ likes:

The official Facebook Security page has yet to specifically address the issue. In the meantime, the best thing that you can do if you run across one of these pages is to report it as spam.

Just don’t click “like” twelve times in the hopes that your Timeline will go away.

But Craigslist, like most of the internet, is also a place for scams, manipulation and other seedy activities. We’ve heard stories of jilted lovers trying to hire hitmen on the site as well as oblivious drug dealers trying to liquidate product. And of course let’s not forget about the infamous Craigslist Killer.

This unbelievable story begins on Craigslist and ends with two shallow graves in the woods. Hold on, everybody. This is a weird one.

In Caldwell, Ohio, a 16-year-old high school student and a 52-year-old Akron man have been arrested in conjunction with a shooting that occurred back on November 6th.

According to the shooting victim, a South Carolinian, he had come to Noble county Ohio in response to a Craigslist ad for a general labor job on a 688 acre cattle farm. He said that he was told he’d be living on the farm, and thus was instructed to bring all of his belongings with him. He reportedly met two men for breakfast in a nearby city and they set off together, supposedly for the farm.

The men eventually pulled over, explaining to the victim that they would have to take the rest of the journey on foot due to the impassable roads ahead. As they were walking through the woods, one of the men pulled a gun on the victim, who was able to deflect the barrel aimed at his head and begin running away. As he was fleeing, he was shot in the elbow.

The victim waited hours in the woods until he felt the coast was clear, and he eventually made it two miles to a residence where he was taken in. The authorities were then notified of the situation.

Authorities think that this was all part of bigger scheme that involved phony Craigslists ads. The suspects are thought to have placed the ads with the intention of getting unsuspecting workers out to their farm where they would rob them of all their possessions and kill them.

This is the working theory because shortly after the shooting incident, authorities found a shallow grave in woods nearby, which they think was meant for the South Carolina man. A day later, they found another shallow grave near the first – but this one was occupied.

It’s thought that the dead man could be a Florida man, who was reported missing by his twin sister after he also responded to a similar Craigslist ad. Autopsies have yet to determine this, but authorities suspect that there could be more victims. They don’t really know if this phony ad killing scheme is limited to these two, or extends to others. We don’t know much more right now because today a judge issued a gag order.

What have we learned here? Well, for one, that people are f*cking crazy.

I’m sure that once everything about this comes to light, the Lifetime movie is not far behind. I don’t know, can it be as compelling as a film about a med student that kills hookers he find on Craigslist escort ads? I don’t know – it’s a pretty sinister story.

Is Billy Baldwin available?

“The first place many homeowners turn for help in lowering their mortgage is the Internet through
online search engines, and that’s precisely where they are being taken advantage of and targeted,” said Christy Romero, Deputy Special Inspector General for the Troubled Asset Relief Program. “Web ads that offer a false sense of hope may not be legitimate and can end up costing homeowners their home. SIGTARP is diligently working on every level to stop these frauds, to protect homeowners from being victimized, and to hold accountable criminals who defraud homeowners in connection with HAMP and other TARP programs.”

Consumer Watchdog, which calls out Google just about every chance it gets, and sometimes makes animated videos about related topics (remember Eric Schmidt as the evil ice cream man?), has put out a press release calling for Google to donate the “tainted revenue it received from deceptive ads preying on vulnerable homeowners to non-profit groups that help consumers with credit problems, including homeowners seeking to avoid foreclosure).”

Here’s the Schmidt video in case you wanted to see it again. It’s not really related to this particular issue, but it gives you an idea of Consumer Watchdog’s mentality towards Google:

Consumer Watchdog points to a report it released in February called “Liars and Loans: How Deceptive Advertisers Use Google”. They highlight five recommendations they made in the report:

– Google should be more diligent in screening advertising in areas such as mortgage modification and credit repair where fraud is known to be a serious problem. If the company finds that screening ads is not feasible, it should ban all advertising in areas where regulatory agencies have shown that fraudulent advertising is endemic.

– The Federal Trade Commission should begin using its legal authority under the Lanham Act to seek injunctions against search providers who accept large inventories of advertising from firms they have reason to believe are engaged in deceptive practices.

The report can be found here in its entirety (pdf).

“Google should never have published these ads, but its executives turned a blind eye to these fraudsters for far too long because of the substantial revenue such advertising generates,” said John M. Simpson, director of Consumer Watchdog’s Privacy Project. “The company cannot be allowed to benefit from these ill-gotten gains. Google must donate the money to aid homeowners who were victimized because of its callous quest for profits.”

“Google’s willingness to accept such obviously deceptive advertising is the problem,” Simpson said. “The company must take a proactive role in preventing deceptive ads that prey on vulnerable consumers.”

You may recall that earlier this year, the Justice Department announced that Google had agreed to forfeit $500 million for allowing Canadian pharmacies to place ads through AdWords, targeting consumers in the U.S. resulting in what was described as “unlawful importation of controlled and non-controlled prescription drugs into the U.S.”

Google is not commenting on mortgage scam matter.

U.S. Attorney Preet Bharara called it a “massive and sophisticated scheme.”

The fraud was perpetrated by seven individuals, all of whom the U.S. is trying to get extradited. Six of the seven are Estonian nationals and have been taken into custody. The seventh is a Russian national and he remains at large.

Here’s how the scheme worked:

Malware installed to millions of computers allowed the perpetrators to manipulate online searches in order to redirect clicks to certain sites and ads. They used these falsely-acquired clicks to generate ad revenue.

Some examples of this included links to Apple’s iTunes, Netflix, and even the IRS being redirected to unrelated sites.

The malware also interfered with the computers’ anti-virus software, making the intrusion even harder to identify.

As alleged in the Indictment, from 2007 until October 2011, the defendants controlled and operated various companies that masqueraded as legitimate publisher networks (the “Publisher Networks”) in the Internet advertising industry. The Publisher Networks entered into agreements with ad brokers under which they were paid based on the number of times that Internet users clicked on the links for certain websites or advertisements, or based on the number of times that certain advertisements were displayed on certain websites.

Thus, the more traffic to the advertisers’ websites and display ads, the more money the defendants earned under their agreements with the ad brokers. As alleged in the Indictment, the defendants fraudulently increased the traffic to the websites and advertisements that would earn them money. They accomplished this by making it appear to advertisers that the Internet traffic came from legitimate clicks and ad displays on the defendants’ Publisher Networks when, in actuality, it had not.

It’s shocking to see that the scheme apparently went on for more than 4 years.

The schemers also operated ad-replacement fraud, replacing certain ads on websites with their own. For instance, the infected computers that visited the Wall Street Journal site saw ads for “Fashion Girl LA” as opposed to what should have been there – an ad for the American Express “Plum Card.”

More than 500,000 of the computers that were hit came from the U.S. And we’re not just talking about personal systems – but systems from within U.S. government agencies like NASA as well as colleges & universities and non-profits.

The suspects face 27 charges, including wire fraud and computer intrusion.

The FBI wants to hear from you if you think your computer might have been involved in this scheme. They say standard, up-to-date antivirus software should be able to detect the malware.

The criminals call the victims — who in most cases previously purchased drugs over the Internet or via "telepharmacies" — and identify themselves as FDA special agents or other law enforcement officials. The criminals inform the victims that purchasing drugs over the Internet or the telephone is illegal, and that law enforcement action will be pursued unless a fine or fee ranging from $100 to $250,000 is paid. Victims often also have fraudulent transactions placed against their credit cards.

The criminals always request the money be sent by wire transfer to a designated location, usually in the Dominican Republic. If victims refuse to send money, they are often threatened with a search of their property, arrest, deportation, physical harm and/or incarceration.

"Impersonating an FDA official is a violation of federal law," said Dara Corrigan, the FDA’s associate commissioner for regulatory affairs.

"FDA special agents and other law enforcement officials are not authorized to impose or collect criminal fines. Only a court can take such action."
 

“The free program available online allows scammers to create an HTML ‘receipt’ for phantom Amazon.com purchases,” said Christopher Boyd, senior threat researcher, GFI Software. 

“By capturing a screenshot of the fake receipt, these cyber criminals are able to email unsuspecting sellers claiming they are missing items. This type of fraud, perpetrated en masse, could result in massive losses for retailers, especially during the holiday shopping season.”

GFI says there are some indications that a receipt is fake. The merchant will not have a record of the purchase, but Amazon should be able to confirm that no purchase was ever made. Merchants should check the orange order number at the top of the receipt because those are randomly selected from a set of looping numbers every time the scammer clicks on the “Order Number” button. The seller or Amazon should be able to verify whether it is a valid order number. Finally, the program seems to add random digits on the “Visa: payment method” section in payment information, which warrants further investigation.

“Many of the items in the fake printout are convincing as a whole, but once you start digging into the details a little bit, it quickly falls apart. If a ‘customer’ seems a little peculiar, ensure you take a good look at their receipt,” warned Boyd.

PayPal had said that it would reimburse people for unauthorized charges, but now the company has put up a blog post responding to the situation. PayPal Chief Information Security Officer Michael Barrett writes:

There has been a lot of recent news coverage about unauthorized payments to iTunes, and some of our customers are concerned about the safety of their PayPal accounts. We’ve looked into this extensively, and want to assure you that: 1) the PayPal system itself has not been compromised and continues to be secure; and 2) if you have been affected by this issue, the criminals behind it have not taken over or logged into your PayPal account.

Apple has also confirmed that iTunes’ servers have not been compromised. For those customers who have seen unauthorized iTunes charges to your PayPal or credit card account, Apple has recommended that you contact your financial institution about a chargeback and change your iTunes password right away. They have some useful tips on protecting your iTunes account security here.

This should set users’ minds at ease. Hopefully they will take this as a lesson to be more careful about their online experiences.

Some people did already go so far as to remove their PayPal accounts from iTunes:

Burnett also offers some tips for protection in the future.

Sophos Senior Technology Consultant Graham Cluley points to the scam, saying, "It’s the latest survey scam spreading virally across Facebook, using the tried-and-tested formula used in the past by other viral scams including ‘Justin Bieber trying to flirt‘, ‘Student attacked his teacher and nearly killed him", "the biggest and scariest snake‘ and the ‘world’s worst McDonald’s customer’."

Cluley has several screenshots of different parts of the scam that one might encounter (such as the one below). The perpetrators clearly went all out in their deception efforts.

Image Credit: Sophos

Keep in mind, there are variations of the actual status updates that claim to point to the dislike button. Don’t believe any of them. It’s probably best to ignore any such thing until Facebook makes an official announcement, unveiling a dislike button. I wouldn’t hold your breath for that either.

The FTC says since 2007, victimized consumers have flooded law enforcement agencies and the Better Business Bureau with more than 2,800 complaints about the company Central Coast Nutraceuticals (CCN).

"Too many ‘free’ offers come with strings attached," said David Vladeck, Director of the FTC’s Bureau of Consumer Protection.

"In this case, the defendants promised buyers a ‘risk free’ trial and then illegally billed their credit cards again and again – and again. We estimate that about a million people has fallen victim to this scam. As if that weren’t enough, there were fake endorsements from celebrities like Oprah Winfrey and Rachael Ray for a product that didn’t work in the first place."

The court order stops the allegedly illegal conduct of CCN, imposes an asset freeze, and appoints a temporary receiver over CCN and a number of related companies, while the FTC goes forward with its case to stop the company’s bogus health claims and other deceptive and unfair conduct.

The FTC charged CCN, two individuals, and four related companies with multiple violations, including deceptively advertising AcaiPure, an acai berry supplement, as a weight-loss product, and Colopure, a colon cleansing supplement, as an aid for preventing cancer.
 

The website is part of a consumer education campaign to help consumers manage their money and learn how to spot scams.

The fictitious website Esteemed Lending Services offers consumers a loan for every situation guaranteed. The site claims qualified loan specialists will help you find a loan for any purpose, or consolidate your high-interest debt – regardless of your credit history.

When consumers click to learn more or apply for a loan, they will discover that Esteemed Lending is not a real company.  The website provides information to warn consumers about scammers pretending to be lenders. 

These scammers start by promising loans, only later revealing a fee that consumers have to pay first.  If they pay, it’s unlikely they will see the promised loan, and they run the risk that their personal information will end up in the hands of identity thieves.  The site also gives consumers tips to help spot an advance fee scam, and includes links to more information from the FTC.