Never Texting Again: Facebook rogue app spreading quickly


Updated: Over 290,000 people have, in the last few days, clicked on a link that is spreading virally across Facebook, claiming to point to a video of someone who died after sending a text message on their cellphone.
The links are being posted on innocent Facebook users' walls by a rogue application. A typical message posted by the rogue application reads:

I am shocked!!! I'm NEVER texting AGAIN since I found this out. Video here: http://bit.ly/a37TaB - Worldwide scandal!

Facebook status messages from affected users

If you do make the mistake of clicking on the link, then you are taken to the rogue Facebook application:

Rogue Facebook application

Permission request from rogue application

The problem is that even though Facebook is warning users that they are giving the "I will never text again after seeing this" application permission to post to their wall (as well as access their personal information), many people still go ahead and press "allow".

Why should you ever have to grant an application such permissions in order to watch a video?

Sigh.. Sometimes you just feel like you're hitting your head against a brick wall..

Sure enough - with the permission granted, the application begins to spread its links virally via your Facebook profile:

I'm Never Texting Again Since I Found This Out
<name> has seen a shocking video, which shows someone dying because of texting

Facebook account hit by app

Here's a YouTube video where I show you how to clean up your Facebook account if you were hit by this, or similar scams:

Properly cleaning up your account after you have given permission for the rogue application to access your Facebook account takes two steps. But I'll throw in a third for good measure.

1. Remove the application
Firstly, visit your Application Settings on Facebook and click on the "X" to remove the app from your profile.

The rogue application should be removed through Facebook Application settings

You will be asked to confirm if you really want to remove it. Obviously the correct answer is to go ahead and remove it.

Facebook asks for confirmation that you do wish to remove the application

2. Clean up your wall
With the application gone, you now need to clean up your own wall - and stop advertising the link (and rogue application) to your online friends. Hovering your mouse over the posts on your wall should display a "Remove" option which will allow you to sanitise the news feed you are sharing with others.

3. Get smart
There are only two things you need to do to clean up your Facebook account, but I'd recommend you get yourself educated about internet threats too, so you're wise to these sorts of attacks in the future. If you're a regular user of Facebook, you should really join the Sophos page on Facebook to be kept informed of the latest security scares and attacks.

And don't forget to tell your Facebook friends who passed on this rogue app to you, so they can be wiser in future.
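
For anyone who has to do step 2 across a long wall or several accounts, here is an added example (not part of the original post and not Sophos code) that scans a list of wall posts for the two message variants quoted above and reports which ones to remove. The list-of-dicts export format, the post ids and the shortener list are assumptions made for the illustration.

```python
import re

# Lure phrases from the two wall-post variants quoted in this article,
# stored in normalised form (lower case, punctuation stripped).
LURES = (
    "never texting again since i found this out",
    "has seen a shocking video which shows someone dying because of texting",
)
# Assumption: a short list of link-shortener hosts; extend as needed.
SHORTENERS = ("bit.ly", "tinyurl.com", "goo.gl")
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

def normalise(text):
    """Lower-case, drop URLs and punctuation, collapse whitespace."""
    text = URL_RE.sub(" ", text.lower())
    text = re.sub(r"[^a-z0-9\s]", "", text)  # "I'm" becomes "im"
    return " ".join(text.split())

def short_links(text):
    """Return shortened URLs found in text, trailing punctuation trimmed."""
    links = []
    for url in URL_RE.findall(text):
        url = url.rstrip(".,!?)")
        if url.split("/")[2].lower() in SHORTENERS:
            links.append(url)
    return links

def find_scam_posts(posts):
    """Return (post id, links) for each wall post that matches a lure."""
    hits = []
    for post in posts:
        if any(lure in normalise(post["message"]) for lure in LURES):
            hits.append((post["id"], short_links(post["message"])))
    return hits

# Constructed sample wall; the ids and the dict layout are hypothetical.
SAMPLE_WALL = [
    {"id": 1, "message": "I am shocked!!! I'm NEVER texting AGAIN since I found "
                         "this out. Video here: http://bit.ly/a37TaB - Worldwide scandal!"},
    {"id": 2, "message": "Texting my sister about dinner again, never on time."},
    {"id": 3, "message": "Alice has seen a shocking video, which shows someone "
                         "dying because of texting"},
    {"id": 4, "message": "i'm never   TEXTING again since I found this out!!"},
]

if __name__ == "__main__":
    for post_id, links in find_scam_posts(SAMPLE_WALL):
        print(f"remove post {post_id}; links seen: {links or 'none'}")
```

Matching on the normalised lure text rather than on the link alone means a post is still flagged when its capitalisation or punctuation differs, or when it carries no link at all.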

Update: Some folks asked me how I know how many people have clicked on the link. Easy! I looked up the URL on bit.ly:

Bit.ly statistics

Bit.ly's stats also tell me that the vast majority of clickers are from the USA - over 225,000 Americans so far..

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.