I read the email and smiled - all that work I do trying to get users to reach out to me when they are confronted with something suspicious pays off! Bob (not his real name) had taken a screen shot of the strange error message and sent it to me asking how to proceed. He had been using Chrome, the...
So this is still a bit of a mystery, but its obvious that somehow someone has managed to get hold of the login account for the RUSH (the band) Facebook page. I first noticed strangeness yesterday, but it reared its head again today so I took a couple snapshots. I'm pretty sure we're dealing with the official Facebook page for the band because it's linked off the official RUSH website, but it's possible of course that the official page has been hacked and they replaced the link with one they control. The defacement thats been done is pretty lame - if I stolen the account I'm sure I'd be able to come up with something a tad funnier like a post about Geddy getting his vocal chords surgically shortened so he could sing all the good tunes again.
Some of the sites I run are database driven and allow a lot of user interaction. For users to participate on these sites at some elevated level with rights to create, modify, or delete content I usually set the system to require email authentication. Since most of my sites are fairly low traffic dealing with new applications for user accounts hasn't been too taxing, but even with Captcha in place (which makes you type in the funky letters you see) there are still plenty of obviously bogus applications.
