UPDATED: January 7, 2009
If you received a message on your Facebook wall about pictures on sinkstumble.com or any of the below sites, it is a scam as I explain farther down. DO NOT VISIT THE SITES!
bakespoil.com
barkjump.com
blendgrowl.com
blinksnap.com
boaststing.com
broilwish.com
buzzpaddle.com
cackletoss.com
climbfloat.com
crawlwhip.com
cryhike.com
cutboast.com
dashpush.com
floatclick.com
frightenfrighten.com
groanhop.com
hiderush.com
laughbang.com
laughrattle.com
mixclang.com
passbump.com
poachbang.com
pretendbump.com
pretendtoss.com
ringgrowl.com
sailroast.com
screamcaw.com
screechclimb.com
spoilgiggle.com
spoilhike.com
spoilroll.com
spoilsail.com
sprayboil.com
stalkblast.com
stuffcrush.com
stuffrattle.com
swimhum.com
swimstroll.com
voteboil.com
voterub.com
wagfloat.com
waveshiver.com
wrestlegrowl.com
[Sources: assorted Yahoo Answers, Helzerman's Odd Bits, The Life Nomadic]
There is a new phishing scam that is making the rounds on Facebook today.
At some point over the past 24 hours, Las Vegas resident Victoria David (which I’m guessing is a fake name, due to the husband-wife Beckham couple) registered a domain called sinkstumble.com.
If you visit the site, a series of windows pop open (that my ad blocker did not detect), warning you about pictures, IP addresses, and asking you to type some data.
Do not type anything!
I don’t know how it started, but in my own case, a high school classmate wrote the following message on my Facebook wall:
I don’t know if you know but your pictures are on sinkstumble com
It’s not a website link, so any victims are manually typing (or copying and pasting) that address into their browser location bar. If you do so, and follow the instructions, you will be typing in the name of the friend who sent you to the site, then your name and email address. Then… the phishing takes over and sends the same message to every friend of yours, writing on their walls what “my friend” wrote on mine.
Get it?
I initially visited the site from my primary browser, and was forced to shut down the browser. I then tried from a different browser of mine with more rigid security settings, using fictitious names and email addresses. At that point, there is a friendly reminder not to click random links. But to get to that point, you’re spamming your friends.
Don’t go there. Hopefully, the site will be shut down in the next day or two…
![[Post to Twitter]](http://ariwriter.com/wp-content/plugins/tweet-this/icons/tt-twitter-big4.png){kind=icon}
![[Post to Delicious]](http://ariwriter.com/wp-content/plugins/tweet-this/icons/tt-delicious-big4.png){kind=icon}
![[Post to Digg]](http://ariwriter.com/wp-content/plugins/tweet-this/icons/tt-digg-big4.png){kind=icon}
![[Post to Reddit]](http://ariwriter.com/wp-content/plugins/tweet-this/icons/tt-reddit-big4.png){kind=icon}
![[Post to StumbleUpon]](http://ariwriter.com/wp-content/plugins/tweet-this/icons/tt-su-big4.png){kind=icon}
If you enjoyed reading this article, please continue into the comment section below where the conversation continues! You may follow future tips and strategies by RSS reader, email delivery, or Twitter @ariherzog.
Comments:
978.255.2625
{ 92 comments… read them below or add one }
your post is very informational.
though i’m curious how the phishing uses that person’s name. Is it because of the information you enter?
Thanks for the notice, I hate when FB or IM scams come around. I have infected a virus on a past computer yrs ago from accidentally clicking, not looking to get all my personal information taken.
Thanks for posting this. I just saw that one of my friends left a message like this on my wall. I’m glad that you found out about this and let me know not to worry
I just got a Facebook message from screamcaw, so it’s safe to say it’s the same thing.
Thank you, thank you! I got that message, googled it, and was warned by your post before I got any further. Your post is a service well rendered!
thanks for the tip! someone i have never talked to just wrote on my wall and said “Hey i wanted to tell you that someone put your pictures up on screamcaw.com”
Wow I just got a message from a friend in Facebook about sailroast and not wanting to appear stupid I googled it instead of asking my friend what she was talking about. I am so glad I did that and found your informative article, I have sent the article to my friend.
wow thx for that…my friend sent me this comment about my pictures being on sailroast and i did exacly what cindy had done and came to this site
add wailbot
Hey thanks millions for your info.
Thanks so much for all your information… big help!!
Add spoilroll.com as well
Add barkjump.com to sites using this exact same method.
add spoilroll and spoilhike to that list
Thx to @ariherzog just posted warning on FB pg abt scams: Now *SEVEN* known Facebook phishing scams abt pix/wall posts: [link to post]
– http://twitter.com/barbchamberlain/statuses/1082671525
– Posted using Chat Catcher
Thanks for the info Ari…. I rcvd the same msg from a friend in Tx. I’m reposting your note on my FB page for my friends to read too.
i got that message and i went to the website and entered in my e-mail adress but not the right password that goes with it, should i be worried?
Add crawlwhip.com to the list – my sister rightfully freaked out when a cryptic message with that URL got posted on her Facebook wall.
Good stuff, thx!:)
Sylwia Presley´s last blog post..when searching for an old photo…
RT @ariherzog: Facebook phishing. There are now eight, with crawlwhip.com the latest: [link to post]
– http://twitter.com/elipongo/statuses/1083152407
– Posted using Chat Catcher
I got a wall notice about wailhop.com also same line … pics are being … blah blah … http://answers.yahoo.com/question/index?qid=20081226214431AApyOLI tells about it.
Thanks for the new info
RT @ariherzog: Facebook phishing. There are now eight, with crawlwhip.com the latest: [link to post]
– http://twitter.com/susan_s_smith/statuses/1083168631
– Posted using Chat Catcher
add buzzpaddle-com
also add pretendtoss-com
thanks for the warning
you can also add sprayboil.com
to that list. cheers
HERE is that last link again, fixed! [link to post]
– http://twitter.com/TakeRoot/statuses/1084108412
– Posted using Chat Catcher
Yep, woke up to mine…
This is to let you know you photos are all over groanhop-com-check it
Noelle Mena´s last blog post..Last Week of December
@ericjodom [link to post] Here is the one about on Facebook Wall.
– http://twitter.com/TakeRoot/statuses/1084109631
– Posted using Chat Catcher
RT @ariherzog: Dammit. There are now *SEVEN* known Facebook phishing scams about pictures and wall posts. Details here: [link to post]
– http://twitter.com/debbiejames/statuses/1084274016
– Posted using Chat Catcher
beware [link to post] I just got one from a former co-worker
– http://twitter.com/tayedrums/statuses/1084310795
– Posted using Chat Catcher
Thanks for the comments, all. As I hear of new domains, I’m updating the top of the page.
Various people have sent me Facebook messages, too, wondering if they were victimized by visiting the page.
If you visit the page, you’re fine. If you fill in any information and hit the submit button, you risk being victimized. (Of course, I have no way of testing this other than your stories.)
it is a monkey when you go to the last step!!!U SEE A MONKEY!!!
I checked this out.
Whatever filtering service my firm uses must be pretty good because I received this message:
Gib´s last blog post..Proposition 8 Attorneys Working through the Holidays
@gingertate [link to post]
– http://twitter.com/susan_s_smith/statuses/1084752298
– Posted using Chat Catcher
Hey THANK you. I just saw a post for cryhike-com. is how it was posted. Facebook wont even allow cryhike.com to be posted, i put on the friends wall who had that and .com was not allowed, so they realized. Very Very Helpful.
Might as well add voterub. I stupidly entered information. although i did use fake information. hope my computer is safe.
Beware of Latest Phising Scam on Facebook [link to post] …hope it doesn’t happen to Twitter at all….
– http://twitter.com/johnyeng/statuses/1084998405
– Posted using Chat Catcher
Thax a LOT!
I could smell the hell!
Thanks Dude!! My friend left message like yours on my wall and i thought it sounded fishy…
Thanks for the info!
Add voterub.com to the list!
I’m an idiot. I made it all the way to the monkey. Thanks for the info; it was driving me nuts.
Read: [link to post]
– http://twitter.com/JimWinslow/statuses/1085352604
– Posted using Chat Catcher
Read: [link to post]
– http://twitter.com/JimWinslow/statuses/1085380331
– Posted using Chat Catcher
I’m an idiot. I made it all the way to the monkey. Thanks for the info; it was driving me nuts.
Here is the monkey.
really thanx a lot for your info Mr. ari herzog. My girlfriend ,crying andcalling me in phone while i’m working said someone superimpose her photos in facebook naked and post them to porn website called sprayboil.com. Like I want to bash that guy..but as i read your info now I undestand. thanx a lot
Add ringgrowl.com to the list
would spoilgiggle.com be one of these?
Omg..this happened to me and i visited the site and did everything!! OMG IM SO SCARED…DID IT GIVE ME A VIRUS!?!??!?? SOMEONE ANSWER ME PLEASE!!!!!!!!
As the world grows technically day after day, many are also looking for ways to take that advantage of growing technology to con people of either their money, information and privacy.
This, my friends is the clear definition of a SCAM.
It is our duty as Computer literates and specialists to overcome these people through posting Awareness Messages like these to update and inform innocent people of these cited SCAM sites.
These guys are really good, so they can come up with something new every minute.
Being computer literate, i believe posting every new Scam site will certainly do the trick.
Please send those new links and addresses to jaypworks@yahoo.com where they will be retrieved and investigated upon and posted over the internet at the earlist opportunity.
Together, we wont FAIL.
We won’t stop taking them down.
Thank you.
Jay-p Kalire
Jay-p Kalire´s last blog post..Funky Power FM Posters
Thank you for the warning…keep it up
Thanks for the timely warning.
well , i read this after i went on it :/
Beware cryhike-com msgs on Facebook – if u go2 th site u get many popups & asked 2 enter personaldata incl. email address [link to post]
– http://twitter.com/JTAN/statuses/1088282135
– Posted using Chat Catcher
holy toledo, lesson 2 simply ask 4 clairification frm author of post esp b4 legal threat, btw, UR post w/clear topic [link to post]
– http://twitter.com/MediaCollective/statuses/1090151922
– Posted using Chat Catcher
Thanks for the warning! I posted it on my profile on facebook so anyone can get it. Your site is a blessing
Yeah I got a message via facebook from someone I know only online and thought well how many could there be (photos that is) and who would want pics of my construction lol
So I googled and low and behold found this thread and I have to say I am pleased that I did. Thanks for the information you are very nice person to help others this way .
Chers
Beware of frightenfrighten.com
hi thanx so much for this. i went to the other sites to and typed in information and then started to worry that i wasnt getting anything and that my pics were everywhere. the other sites are. waveshiver/com and cackletoss/com
buzzpaddle/com is another one as well guys
buzzpaddle/com is hot and heavy this morning, flooding my Facebook account from all directions. Though I’m too old a geek in the industry to ever fall for such things I still tend to out of curiosity boot up an old machine which I’ve hacked to show zeros for an IP and, it’s a Mac, so the chance of a virus affecting it are just about nil, then surf the offending site referenced. The spammers really aren’t getting any more clever per se, I mean, you’d really have to be pretty obtuse to fall for this one and really any others. That said, I have fun on their site intentionally filling out very fake information line for line, usually reverting to a third of my age by throwing insults at their mothers and/or what I would do to them if I ever found them. Not to mention the good old Hollywood 555-555-1212 for a phone number. I sometimes think more people should visit these sites, NEVER by clicking their links, but visit them on a very well virus and bug proof machine, going directly to their URL of asking, and fill out the most outlandish or offensive info, that way they’re spending time trying to make heads or tails of false info or perhaps get the hint through as vile insults as people can come up with they are, indeed, the scum of the earth.
Apparently, my pictures are on “spoilgiggle.com”. Just without a dot between the spoilgiggle and the com… A slash instead. Same thing, I suppose.
Thank God for Google. I decided to search for it instead of going directly to the site. I’ll be sharing the link to this story on Facebook so people know that this is just another stupid scam.
Cuidado Con Los Facebook Wall Messages !! De Personas Desconocidas !! [link to post]
– http://twitter.com/nisti2/statuses/1092052094
– Posted using Chat Catcher
I and others just got this wall spam from a friend. It included spoilhike.com, swimhum.com, laughbang.com and passbump.com. Thank you for posting this!
My friend wrote on my wall about my pics on crawlwhip, I went there and it just seemed really odd. I knew better than to put any info. in and just closed the page. Awful that these computer people have nothing better to do than ruin others.
Thank u for telling me this. And hope that others wont go to these webs at all and filling out.
i just had the same thing on my fb.bloody trouble makers.they have nothing better to do.bloody pests.get a life.
FF: Beware Facebook Wall Messages About SinkStumble.com &8212; AriWriter (via StumbleUpon) [link to post]
– http://twitter.com/lordmattborg/statuses/1096324628
– Posted using Chat Catcher
what happens if you aren’t as web savvy as most people (or just woke up and aren’t running on any caffeine) and you went to the website and put in your name and email but then smelled a rat and didn’t enter a password? should i be setting up a new gmail account?
Rin and others, if you didn’t enter your password into those forms, you are OK, as you didn’t grant anyone access.
For the future, don’t provide your login name and password to any sites without checking a search engine or asking your friends. Sadly, there are some bad people in the world who try to make your lives miserable online. I’m not one of those people; I’m a friendly guy.
So there are not actually pictures posted? A window popped up in my browser saying that the computer detected that something had been downloaded from my IP address within the last 48 hours to the site. I googled the site to find this sort of page and it directed me straight to the site.
I have the same question, so there really arent any pictures. its just the way of getting people to go to the site?
That’s correct.
There are no pictures on the site.
If you visit the site, and if you enter your information, you are effectively giving someone else your password to do the same to your friends’ walls.
The moral here is don’t give your password to any website without checking first, as you did here.
I don’t know if these ones are up there, but I didn’t feel like reading them all. Hehe. pretendbump.com and voterub.com are two that I was bombarded with.
Facebook phishing scam explained: [link to post]
– http://twitter.com/mattharrell/statuses/1101821458
– Posted using Chat Catcher
RT @ariherzog: If you’ve followed the saga of Facebook phishing scams, there r now 44 & counting. update: [link to post]
– http://twitter.com/keithpape/statuses/1102076040
– Posted using Chat Catcher
Like everyone else who googled first and found your helpful information I am grateful and thank you personally.
All I can say is thank god I decided to google spoilroll before I typed anything. Can’t be too cautious these days!
Thanks, very helpful.
thanks, my comp wouldn’t let me go to the site for ever and when it did it brought me here. glad for the info.
Sweet. I even got a message from this new Facebook scam. [link to post]
– http://twitter.com/bizmark/statuses/1106566426
– Posted using Chat Catcher
Imagine that! SPAM type Phishing on a blog/forum site.. Good gosh thats original! I bet, in a few years, technology will be putting a man (Or to be politically freaking correct, A WOMAN) on the moon!
Dream to dream people!
Cheers Ari!
I just got the wall post on FB…smelled a phish…Googled the site and thankfully got your blog.
Keep smiling…
Matt
Ok, i’ve gotten two messages like this, one with ringgrowl ‘dit cim’ and another one, that i don’t remember and have since deleted. I tried to google the first one, but nothing came up until i tried looking up the ringgrowl. thanks for the info….
Thx i thought was a joke lol i was stupid thx alot
Glad I googled what crawl whip was – I wouldn’t have found your informative page if I had not. Thanks for the info. I recieved a wall message on facebook saying pictures of me have been posted on crawwhip dit on Jan. 9th. So I guess it’s still going strong.
I’m glad i found this.
I believe many others feel the same too.
Ruz´s last blog post..Why Publishers or Authors Re-title Books
Hey I just got a message on mine that said “Who put your pics on crawlwhip.” I am so lucky I found your site before I found the correct one! Thanks a million!
I’m glad I looked this up before going there. I just got a message on my Facebook saying “i don’t know if anyone told you this but you’re pics are on a worldwide website called stalkblast.com”
Thanks for saving me a lot of headaches!
Thank you!!!!!!!!!!!!!
Thanks! I got one of these on my Facebook page today from that my friend “posted” and so did one of our other friends. I had noo idea what the hell it was about so I googled it and found your page. Thanks again for the heads up!!
i have found this posted on my wall for buzzpaddle.com thank god checked here before i went looking for it thanks
Thanks, Ari!
Big help.
Thanks. I’m glad I found this b4 I searched for the site. I got a post on my facebook wall from a friend that says:
“So when did you put your pictures up on this internet address named dashpush”
I had never heard of this site so I searched it on yahoo, minus the .com part and eventually stumbled across this site.
Again, many thanks.