Do you imagine that the scammers hang up their stockings at Christmas, pour themselves a brandy and take a break from their money-making schemes?
Well, think again. There are plenty of scams circulating right now on Facebook, for instance, designed to generate revenue by the use of rogue applications and social engineering lures.
Take this one, for instance, which is spreading at the moment:
OMG! 92% of the people who watch this will fall asleep instantly [LINK]
Curious stuff indeed! Would you be tempted to click further? Lots of Facebook users have been, and this is what they see next.
92% of the people who watch this video will fall asleep instantly. A weird phemomenon that even scientisst don't have a proper explanation for. If you are ready to fall asleep click the PLAY button below!
My guess is that most people at this point don't have their suspicions roused. After all, the link appears to have been shared with them by one of their Facebook friends... or at least their friend's Facebook account (a subtle difference that many people overlook).
If you do decide to investigate deeper you will be asked to authorise a third party application to have access to your profile, including the ability to post messages to your wall.
Now, most readers of the Naked Security site or members of the Sophos Facebook community would have alarm bells ringing at this point, and realise the dangers in allowing an app written by parties unknown to have such access to their Facebook profile.
If you did decide to continue, however, two things would happen:
Firstly, you would be presented with an online survey - demanding that you complete it and hand over personal information before taking you to a YouTube self-hypnosis video. The scammers make money for every survey completed, of course, in the form of earnt commission.
Meanwhile, your Facebook profile is updated without your explicit permission - promoting the "OMG! 92% of the people who watch this will fall asleep instantly" message even further across Facebook, helping it to spread further and earn even more cash for the scammers behind this social spam attack.
Here's a YouTube video where I show you how to clean-up your Facebook account if you were hit by this, or similar scams:
(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)
Don't walk into scams like this with your eyes closed. Keep your wits about you and stay informed about the latest scams spreading fast across Facebook.
If you're a member of Facebook don't forget to join the Sophos Facebook page to stay up-to-date with the latest security news.