If one of your friends said they were never going to drink Coca Cola again after watching a horrific video, would you be tempted to watch the video?
Judging by the number of Facebook users who have posted status updates claiming they are never going to drink Coca Cola again, it seems plenty found it an invitation impossible to resist.
A typical message reads:
<name> I am part of the 98.0% of people that are NEVER gonna drink Coca Cola again after this HORRIFIC video --> http://www.%5Bremoved%5D
Find out the TRUTH about Coke!!!
If you do click on the link you will find yourself on a website saying that “9/10 People said they WOULDNT drink Coca Cola After seeing this video!!!” above a thumnail of a video which says that “Coca Cola can’t hide its crimes”.
Perhaps surprisingly, this webpage isn’t exploiting the now familiar clickjacking technique to falsely claim that the Facebook user “Like”s the page without the user’s permission. Instead, they say you can’t watch the “horrific video” until you’ve shared the link on Facebook by hand seven times.
The page claims to poll whether you have shared the link enough (in order to allow the video to be viewed). But when you realise you’re not making any progress – despite your valiant attempts to recommend the link to all and sundry – you might hit the link which says:
>>>Cant Be Botherd To Wait? --> Click Here To Skip This<<<
And this link takes you to a survey which asks you for all sorts of personal information.
So, let’s recap.
You’re on Facebook. One of your friends posts that they are part of the 98.0% of people that are never going to drink Coca Cola again after watching a horrific video. You visit the link to see what all the fuss is about, click on “Like” or “Share” umpteen times to distribute the link to your friends, and end up answering all kinds of questions and giving away personal information.
Meanwhile, all your friends are also clicking “Like”, posting links to their friends, answering questions and giving their personal data away, and never actually seeing what they started out wanting to see. Meanwhile their friends..
and so on..
If you’re a regular user of Facebook, be sure to join the Sophos page on Facebook to be kept informed of the latest security threats.