My fellow blogger Chet Wisniewski wrote overnight about a rogue Facebook app that claims to show a video of a girlfriend and boyfriend being hit by a car as they are kissing, and now we're seeing widespread status updates from Facebook users claiming to be about Justin Bieber flirting.
The messages read:
OMG Justin Bieber trying to flirt, check it out
followed by a tiny.cc link, and are sent by an application called Bieberflirting.
If you're one of the millions of teenybopper fans of Justin Bieber (and somehow I doubt that if you're reading this blog..) then you may be tempted into clicking onto the link to find out more about your hearthrob's seduction techniques.
What happens, however, is that you are taken to a rogue Facebook application that asks permission to access your profile.
If you find that your Facebook account has been compromised by the Bieberflirting application, clean-up any messages it may have posted to your status updates and remove the application's right to access your profile. After all, you've just given it access to grab your personal information and to post messages on your wall.
We've reported the rogue application to Facebook, and hopefully they will shut it down shortly.
Here's a quick YouTube video where I show you how to clean-up your Facebook account from such an attack:
(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)
Justin Bieber is no stranger to having his name abused by Facebook cybercriminals, of course. In the past we've seen claims that Bieber has been caught being naughty on his webcam, that his cellphone number has been released on the net, and pictures of him and Cheryl Cole being used as bait.
If you're on Facebook, and want to learn more about security threats on the social network and elsewhere on the internet, join the Sophos Facebook page.
Follow @gcluley
36 friend requests... priceless