UPDATED: January 7, 2009
If you received a message on your Facebook wall about pictures on sinkstumble.com or any of the below sites, it is a scam as I explain farther down. DO NOT VISIT THE SITES!
bakespoil.com
barkjump.com
blendgrowl.com
blinksnap.com
boaststing.com
broilwish.com
buzzpaddle.com
cackletoss.com
climbfloat.com
crawlwhip.com
cryhike.com
cutboast.com
dashpush.com
floatclick.com
frightenfrighten.com
groanhop.com
hiderush.com
laughbang.com
laughrattle.com
mixclang.com
passbump.com
poachbang.com
pretendbump.com
pretendtoss.com
ringgrowl.com
sailroast.com
screamcaw.com
screechclimb.com
spoilgiggle.com
spoilhike.com
spoilroll.com
spoilsail.com
sprayboil.com
stalkblast.com
stuffcrush.com
stuffrattle.com
swimhum.com
swimstroll.com
voteboil.com
voterub.com
wagfloat.com
waveshiver.com
wrestlegrowl.com
[Sources: assorted Yahoo Answers, Helzerman's Odd Bits, The Life Nomadic]
There is a new phishing scam that is making the rounds on Facebook today.
At some point over the past 24 hours, Las Vegas resident Victoria David (which I’m guessing is a fake name, due to the husband-wife Beckham couple) registered a domain called sinkstumble.com.
If you visit the site, a series of windows pop open (that my ad blocker did not detect), warning you about pictures, IP addresses, and asking you to type some data.
Do not type anything!
I don’t know how it started, but in my own case, a high school classmate wrote the following message on my Facebook wall:
I don’t know if you know but your pictures are on sinkstumble com
It’s not a website link, so any victims are manually typing (or copying and pasting) that address into their browser location bar. If you do so, and follow the instructions, you will be typing in the name of the friend who sent you to the site, then your name and email address. Then… the phishing takes over and sends the same message to every friend of yours, writing on their walls what “my friend” wrote on mine.
Get it?
I initially visited the site from my primary browser, and was forced to shut down the browser. I then tried from a different browser of mine with more rigid security settings, using fictitious names and email addresses. At that point, there is a friendly reminder not to click random links. But to get to that point, you’re spamming your friends.
Don’t go there. Hopefully, the site will be shut down in the next day or two…
About Ari Herzog
your post is very informational.
though i’m curious how the phishing uses that person’s name. Is it because of the information you enter?
Thanks for the notice, I hate when FB or IM scams come around. I have infected a virus on a past computer yrs ago from accidentally clicking, not looking to get all my personal information taken.
Thanks for posting this. I just saw that one of my friends left a message like this on my wall. I’m glad that you found out about this and let me know not to worry
I just got a Facebook message from screamcaw, so it’s safe to say it’s the same thing.
Thank you, thank you! I got that message, googled it, and was warned by your post before I got any further. Your post is a service well rendered!
thanks for the tip! someone i have never talked to just wrote on my wall and said “Hey i wanted to tell you that someone put your pictures up on screamcaw.com”
Wow I just got a message from a friend in Facebook about sailroast and not wanting to appear stupid I googled it instead of asking my friend what she was talking about. I am so glad I did that and found your informative article, I have sent the article to my friend.
wow thx for that…my friend sent me this comment about my pictures being on sailroast and i did exacly what cindy had done and came to this site
add wailbot
Hey thanks millions for your info.
Thanks so much for all your information… big help!!
Add spoilroll.com as well
Add barkjump.com to sites using this exact same method.
add spoilroll and spoilhike to that list
Thx to @ariherzog just posted warning on FB pg abt scams: Now *SEVEN* known Facebook phishing scams abt pix/wall posts: [link to post]
– http://twitter.com/barbchamberlain/statuses/1082671525
– Posted using Chat Catcher
Thanks for the info Ari…. I rcvd the same msg from a friend in Tx. I’m reposting your note on my FB page for my friends to read too.
i got that message and i went to the website and entered in my e-mail adress but not the right password that goes with it, should i be worried?
Add crawlwhip.com to the list – my sister rightfully freaked out when a cryptic message with that URL got posted on her Facebook wall.
Good stuff, thx!:)
Sylwia Presley´s last blog post..when searching for an old photo…
I got a wall notice about wailhop.com also same line … pics are being … blah blah … http://answers.yahoo.com/question/index?qid=20081226214431AApyOLI tells about it.
Thanks for the new info
add buzzpaddle-com
also add pretendtoss-com
thanks for the warning
you can also add sprayboil.com
to that list. cheers
HERE is that last link again, fixed! [link to post]
– http://twitter.com/TakeRoot/statuses/1084108412
– Posted using Chat Catcher
Yep, woke up to mine…
This is to let you know you photos are all over groanhop-com-check it
Noelle Mena´s last blog post..Last Week of December
@ericjodom [link to post] Here is the one about on Facebook Wall.
– http://twitter.com/TakeRoot/statuses/1084109631
– Posted using Chat Catcher
beware [link to post] I just got one from a former co-worker
– http://twitter.com/tayedrums/statuses/1084310795
– Posted using Chat Catcher
Thanks for the comments, all. As I hear of new domains, I’m updating the top of the page.
Various people have sent me Facebook messages, too, wondering if they were victimized by visiting the page.
If you visit the page, you’re fine. If you fill in any information and hit the submit button, you risk being victimized. (Of course, I have no way of testing this other than your stories.)
it is a monkey when you go to the last step!!!U SEE A MONKEY!!!
I checked this out.
Whatever filtering service my firm uses must be pretty good because I received this message:
Gib´s last blog post..Proposition 8 Attorneys Working through the Holidays
@gingertate [link to post]
– http://twitter.com/susan_s_smith/statuses/1084752298
– Posted using Chat Catcher
Hey THANK you. I just saw a post for cryhike-com. is how it was posted. Facebook wont even allow cryhike.com to be posted, i put on the friends wall who had that and .com was not allowed, so they realized. Very Very Helpful.
Might as well add voterub. I stupidly entered information. although i did use fake information. hope my computer is safe.
Beware of Latest Phising Scam on Facebook [link to post] …hope it doesn’t happen to Twitter at all….
– http://twitter.com/johnyeng/statuses/1084998405
– Posted using Chat Catcher
Thax a LOT!
I could smell the hell!
Thanks Dude!! My friend left message like yours on my wall and i thought it sounded fishy…
Thanks for the info!
Add voterub.com to the list!
I’m an idiot. I made it all the way to the monkey. Thanks for the info; it was driving me nuts.
Read: [link to post]
– http://twitter.com/JimWinslow/statuses/1085352604
– Posted using Chat Catcher
Read: [link to post]
– http://twitter.com/JimWinslow/statuses/1085380331
– Posted using Chat Catcher
I’m an idiot. I made it all the way to the monkey. Thanks for the info; it was driving me nuts.
Here is the monkey.
really thanx a lot for your info Mr. ari herzog. My girlfriend ,crying andcalling me in phone while i’m working said someone superimpose her photos in facebook naked and post them to porn website called sprayboil.com. Like I want to bash that guy..but as i read your info now I undestand. thanx a lot
Add ringgrowl.com to the list
would spoilgiggle.com be one of these?
Omg..this happened to me and i visited the site and did everything!! OMG IM SO SCARED…DID IT GIVE ME A VIRUS!?!??!?? SOMEONE ANSWER ME PLEASE!!!!!!!!
As the world grows technically day after day, many are also looking for ways to take that advantage of growing technology to con people of either their money, information and privacy.
This, my friends is the clear definition of a SCAM.
It is our duty as Computer literates and specialists to overcome these people through posting Awareness Messages like these to update and inform innocent people of these cited SCAM sites.
These guys are really good, so they can come up with something new every minute.
Being computer literate, i believe posting every new Scam site will certainly do the trick.
Please send those new links and addresses to jaypworks@yahoo.com where they will be retrieved and investigated upon and posted over the internet at the earlist opportunity.
Together, we wont FAIL.
We won’t stop taking them down.
Thank you.
Jay-p Kalire
Jay-p Kalire´s last blog post..Funky Power FM Posters
Thank you for the warning…keep it up
Thanks for the timely warning.
well , i read this after i went on it :/
Beware cryhike-com msgs on Facebook – if u go2 th site u get many popups & asked 2 enter personaldata incl. email address [link to post]
– http://twitter.com/JTAN/statuses/1088282135
– Posted using Chat Catcher