Sunday, February 27, 2011

Facebook (on IE in Windows) suddenly (at least apparently) redirects to "Social Rewards Survey" and gets caught in loop; the "misstyped domain name problem"?

Saturday evening, just as I was preparing to shut my laptop down and go out and "party", I checked Facebook on Internet Explorer and got redirected to a site like “”.  The survey asked a few questions about satisfaction with social networking sites and then tried to offer me a choice of prize drawings, varying from iPhones to ringtones.  It asked for the cell phone number, which I probably foolishly gave, and then sent text messages with pin numbers to be entered, following by silly messages about “” or  “” or “Textea alerts”, and a quote “The eye of an ostrich is bigger than its brain” which I think comes from “The Bourne Identity.”   The site seemed caught in a loop and I could only get out of it by closing Internet Explorer.  I tried Facebook again in IE and got the same result. I did not see any evidence that the site was trying to sell fake anti-virus software. 

I then tried Facebook in Mozilla Firefox and got in (to my own “News Feed”) without interruption. I was in Windows 7; I haven’t yet tried Facebook on my new MacBook, but I doubt anything like this will happen. (Ever notice: media pictures of Mark Zuckerberg  always show him on a Mac, never a Windows machine.)
To investigate further, I tried the 877 number in the text( “1-877-707-6177”) and got “Mobile Media Solutions”.

Sunday morning, I ran a Webroot sweep and found only some new and unfamiliar spy cookies, which Webroot quarantined.

Since I already publish my cell phone number (but not my land line) on the Web, I don’t see any threat of abuse of the cell phone Blackberry account with Verizon. The app did not ask for passwords or any other information.

Nevertheless, such behavior when trying to bring up Facebook is perplexing. To say the least, Facebook should cut ties with whoever provides this intrusive survey.

I’ve tried Bing and Google searches on “” and found very little, but at least one other user asking about this behavior. I can’t find a MYWOT or Site Advisor report for the site itself from search engines.

One grim, if remote, possibility is that this could have something to do with the 2008 threat to the domain name system, as reported in my "ID Theft" blog in August 2008; that had led to emergency international security meetings at Microsoft in July 2008. (Brian Krebs had a typical story about this problem at The Washington Post in August 2008 here.)

Update: Now it is looking like it might have been the result of a misspelled domain name "" taking one to a survey site.  In any case, it's working OK in Internet Explorer today. 

Update: March 2: I got another text from "guessology" at 7:30 AM EST this morning. I hope this isn't the start of something. No, I don't need more ring tones. 


Kenneth said...

My wife go this earlier this evening on her Macbook pro think its a scam please keep us posted. She also gave her cell # but never did use the pin for anything.

Keith Adams said...

I also got the same thing. It's annoying, because if you search for the website name plus the word scam, pages come up all on the first page, or clearly planted bogus links to it.


Vicki Lewis said...

It gets worse, these scammers also charge your wireless carrier $9.95 for their sevice of sending you these annoying texts

Purple Underlord said...

Did you make sure you weren't typing or some other typo? That's what sent me to it.

Bill Boushka said...

It's turned out that it was indeed due to a misspelling (that's a trademark issue Facebook could pursue). I got a few unwelcomed texts from "guessology" etc but after answering the stop-messages about four times, they stopped. I never incurred any charges. But in retrospect, I'm surprised this fooled me.

Normally companies will go after intentional misappropriation of their domain names as trademark dilution and infringement and win in court. I presume Facebook did this.