Student attacked his teacher and nearly killed him? OMG! It's another Facebook scam

Filed Under: Data loss, Facebook, Malware, Rogue applications, Social networks, Spam

Over the last few weeks we've seen more and more scams spreading virally across Facebook, tricking users into clicking on links and approving rogue applications. We've seen anacondas coughing up hippos, the world's worst McDonald's customer, and even the lure of hidden messages in Toy Story 3 being used as clickbait by recent outbreaks.

Here's one of the latest examples, where Facebook users are unknowingly spreading messages that say:

This student attacked his teacher and nearly killed him. OMG You all have to see this!

Student vs teacher

Clicking on the link takes you to a rogue application, designed to post the link again onto your Facebook page.

Of course, the applications wouldn't be able to send messages from the accounts unless the Facebook users had granted the rogue application permission to access their profile.

Sadly many people will grant the permission without thinking, as they keen to see the video that their Facebook friends appear to be recommending.

Note that in the above example, the application even asks for permission to email you directly at your non-Facebook address. One can only assume that this will be for the purposes of sending spam or spreading more mischievous links.

Even after granting permission, the shady people behind the rogue application want you to jump through some additional hoops - asking you to specifically invite five of your Facebook friends to join the application as well.

Student vs teacher app

As I said, we are encountering more and more of these scams every day spreading using this sort of mechanism on Facebook. Some of them additionally attempt to skim affiliate money by requiring users to complete online surveys.

Here's another one.

OMG! TEACHER BEATS UP A STUDENT. SHOCKING VIDEO!
Teacher beats up a female student. Awful.
Have you seen this? What would you do if this was you or your child?

In this case, you do actually get to see a YouTube video - although only after you've granted permission for the application to access your profile, and after it has updated your profile to advertise the link to even more people on Facebook.

Shocking Video rogue Facebook application

As this problem continues to get worse, one has to wonder how Facebook plans to stamp it out. At the moment it looks like the bad guys are winning, and are making the social network a less fun place to be.

Remember if you've been hit by any attacks like this to remove all references to it from your profile (so it can't be shared further with your online friends), and check your Facebook applications settings to ensure any rogue applications have been removed.

Here's a YouTube video where I show you how to clean-up your Facebook account:

(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)

If you have Facebook friends who you believe are acting unsafely online invite them to join the Sophos page on Facebook.

, , ,

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley is an award-winning security blogger, and veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.