Updated Over 290,000 people have in the last few days clicked on a link that is spreading virally across Facebook, claiming to point to a video of someone who died after sending a text message on their cellphone.
The links are being posted on innocent Facebook users' walls by a rogue application. A typical message posted by the rogue application reads:
I am shocked!!! I'm NEVER texting AGAIN since I found this out. Video here: http://bit.ly/a37TaB - Worldwide scandal!
If you do make the mistake of clicking on the link then you are taken to the rogue Facebook application
The problem is that even though Facebook is warning users that they are giving the "I will never text again after seeing this" application permission to post to their wall (as well as access their personal information) many people are still go ahead and press "allow".
Why should you ever have to grant an application such permissions in order to watch a video?
Sigh.. Sometimes you just feel like you're hitting your head against a brick wall..
Sure enough - with the permission granted, the application begins to spread its links virally via your Facebook profile:
I'm Never Texting Again Since I Found This Out
<name> has seen a shocking video, which shows someone dying because of texting
Here's a YouTube video where I show you how to clean-up your Facebook account if you were hit by this, or similar scams:
(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)
Properly cleaning-up your account after you have given permission for the rogue application to access your Facebook account takes two steps. But I'll throw in a third for good measure.
1. Remove the application
Firstly, visit your Application Settings on Facebook and click on the "X" to remove the app from your profile.
You will be asked to confirm if you really want to remove it. Obviously the correct answer is to go ahead and remove it.
2. Clean-up your wall
With the application gone, you now need to clean-up your own wall - and stop advertising the link (and rogue application) to your online friends. Hovering your mouse over the posts on your wall should display a "Remove" option which will allow you to sanitise the news feed you are sharing with others.
3. Get smart
There are only two things you need to do to clean-up your Facebook account, but I'd recommend you get yourself educated about internet threats too, so you're wise to these sort of attacks in the future. If you're regular user of Facebook, you should really join the Sophos page on Facebook to be kept informed of the latest security scares and attacks.
And don't forget to tell your Facebook friends who passed on this rogue app to you, so they can be wiser in future.
Update Some folks asked me how I know how many people have clicked on the link. Easy! I looked up the url on bit.ly:
Bit.ly's stats also tell me that the vast majority of clickers are from the USA - over 225,000 Americans so far..