Miley Cyrus and cybercriminals make strange bedfellows

Miley Cyrus. Image courtesy of Helga Esteb/Shutterstock.

Miley Cyrus. Image courtesy of Helga Esteb/Shutterstock.Miley Cyrus will be eighteen years old tomorrow.

I don’t know if her father, legendary “Achy Breaky Heart” singer Billy Ray Cyrus, will be joining in her birthday celebrations, but I imagine he’ll be quietly wiping away a tear as his daughter finally becomes officially an adult (at least as far as the age of consent in her home state of Tennessee is concerned).

The pop singer and Hannah Montana star has had her fair share of encounters with the world of cybercrime during her short life.

For instance, a couple of years ago, a hacker called “Trainreq” took advantage of the fact that Miley Cyrus was using the same password on multiple websites, and broke into her Gmail account, stealing candid photographs of her “posing provactively” in her underwear and swimsuit.

I found it astonishing that parts of the media felt comfortable reproducing the stolen photographs – did no-one at the time care that the poor girl was only fifteen years old?

And last year, Miley Cyrus proved that she hadn’t learnt many lessons about password security after her Twitter account was compromised by hackers who posted offensive messages in her name.

Miley Cyrus hacked on Twitter

You can’t really imagine her Disney overlords being too happy with that kind of image being associated with their squeaky-clean star.

But now Miley Cyrus is 24 hours from being all grown up. Not that another bunch of cybercriminals are waiting for her to reach the age of consent.

A message spreading across Facebook claims to link to video footage of Miley Cyrus with her latest boyfriend.

Miley Cyrus scam

Miley Cyrus went too far with her hot boyfriend. Wow! she is wild.
With hot boyfriend she went too far!
Fun Video

If you were an admirer of Miley, you might well be tempted to click on the link and ask questions later. Such an action would take you to a webpage which tricks you into believing that you are about to see scandalous video footage of the star going “too far” with her boyfriend.

Watch Miley Cyrus With Her New Boyfriend!! Wow She Went Too Far

And what do you know? The perpetrators of this latest scheme are using a photo that Miley Cyrus apparently took herself, baring her midriff – I wouldn’t be surprised if it’s one of the pictures that was stolen from her Gmail account when she was fifteen years old.

Clicking further will take you to a rogue Facebook application that asks you to grant it permission to access your Facebook profile, post to your wall and so forth. In this way it’s very similar to many other scams we’ve seen spreading virally in the past (we saw a rather sordid example involving another teen pop sensation, Justin Bieber, this weekend of instance).

The scammers’ end game is to trick you into taking an online survey. You’re tricked into believing that you need to complete the survey in order to see the promised content. The bad guys, meanwhile, are earning commission for every survey completed, and are using your Facebook account to spread the links even further.

If you’ve been hit by a scam like this, remove references to it from your newsfeed, and revoke the right of rogue applications to access your profile via Account/ Privacy Settings/ Applications and Websites.

Here’s a quick YouTube video where I show you how to clean-up your Facebook account from such an attack:

(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)

If you know young people who use Facebook, don’t forget to warn them about scams like this and teach them not to trust every link that is placed in front of them. Furthermore, you can learn more about security threats by joining the thriving community on the Sophos Facebook page.

There’s only one thing left to say. Happy birthday for tomorrow, Miley. Your dad is a legend.

Image of Miley Cyrus courtesy of Helga Esteb /