After seemingly successfully spreading a scam across Facebook disguised as free JetBlue Airways tickets yesterday, the bad guys have turned their attention to Delta Air Lines.
Messages seen spreading today on Facebook look like this:
Just Got 4 Delta Air Lines Tickets For Free
They are offering 4 tickets to use in the Holiday Season. Grab yours now
Maybe your security spider sense should already have made you suspicious about the seemingly oh-so-generous offer, but no doubt there are many people who would have felt tempted to click on the link. Especially when it appears on the wall of one of your Facebook friends.
If you do click on the link, you are taken to a page which tells you that you will need to "connect" if you want to receive your four free tickets.
Which, in turn, takes you to a standard permissions dialog asking you to grant access for the third-party application (called 4freedeltatickets) to peruse your profile, grab personal information from you, send you spam emails and even post to your wall.
Having done all this - will you actually receive four free Delta Air Lines tickets? I doubt it. In my case, I was taken to a webpage which asked me for my mobile phone number. In tiny print underneath it explained that by submitting my cellphone number I would be signing up for an expensive premium rate service - no thank you!
No doubt the scammers are earning commission by directing unsuspecting users in an underhand way to webpages like this.
And meanwhile, you'll find that the rogue application has taken advantage of its right to access your Facebook profile, by spreading the message virally via your own wall. It's even added you to an "event" in a future attempt to spread news of the bogus offer!
If you've found that you have fallen victim to a scam like this, remove references to the scam from your newsfeed, revoke the right of the rogue application to access your profile via Account / Privacy Settings / Applications and Websites, and delete any events that you aren't interested in.
Here's a quick YouTube video where I show you how to clean up your Facebook account after such an attack:
Hat-tip: Thanks to faithful Naked Security reader Aniko for bringing this threat to my attention.