over the river and on the wall…

http://www.facebook.com/profile/pic.php?uid=AAAAAQAQVN6kRM9mqox7tq25CgtE7AAAAAqpiRKkgQr4uj7WRadnB1M1

I got a facebook wall-to-wall from someone i’ve never gotten a face book message from before.  Being the overly suspicious person i am, i queried the domain name,

Domain name:
      BK9WH.TK
   Organisation:
      BV Dot TK
      Dot TK administrator
      P.O. Box 11774
      1001 GT  Amsterdam
      Netherlands
      Phone: +31 20 5315725
      Fax: +31 20 5315721
      E-mail: abuse: , copyright infringement:
   Domain Nameservers:
      NS01.DOT.TK
      NS02.DOT.TK
      NS03.DOT.TK
      NS04.DOT.TK

I then looked at her wall and saw that she posted similar messages to over 20 other people’s wall.. each with a similar message..

 image

with one of these three variants:
This seems like a good deal, what do you think? www.bk9wh.tk
Do you know anyone that has tried this? www.bk9wh.tk
Do you think this stuff works? www.bk9wh.tk

The link takes you to a redirect that then reinfects you with the same bug and on and on it goes. 

Common Sense:  Don’t click on links directly, and especially not suspicious ones from someone you know wouldn’t send you one otherwise.