Anaconda coughs up a hippo? It's a Facebook scam spreading virally

Filed Under: Data loss, Facebook, Rogue applications, Social networks, Spam, Video

Fake video thumbnail
Yet another rogue Facebook application is spreading its tentacles rapidly across the social networking system, posting messages from users' compromised accounts claiming to be a link to a video of an anaconda coughing up an entire hippo.

A quick search on Facebook finds thousands of users who appear to have updated their status with the message about "the scariest snake ever":

OMG, this is the biggest and scariest snake I have ever seen, check out this video

followed by a tiny.cc link.

As you can see in the following video, clicking on the link takes the unsuspecting Facebook user to a rogue application.

(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)

The rogue application tricks the user into giving it permission to access their Facebook profile, list of friends and be allowed to post status updates and messages onto their profile (which can then be seen by their Facebook friends).

Anaconda rogue application on Facebook

The point of the application's spamming is to draw Facebook users into taking online surveys - and each time a victim completes a survey, the scammer makes some commission. Even if you don't take the survey, the rogue application has already abused your Facebook account - changing your status message and spreading an advert for the alleged "shocking video" to your news feed:

SHOCKING! Anaconda Coughs Up An Entire Hippo!
Horrifying snake killed a huge hippo! SHOCKING! Video

Anaconda coughs up hippo messages

The other important thing here, of course, is how are you going to protect yourself in the future. Clearly many people need to be helped determining what is safe and what isn't safe behaviour on a social network - and education about new breaking threats is a great way to raise awareness.

If you have Facebook friends who you believe are acting unsafely online invite them to join the Sophos page on Facebook.

, , , ,

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.