Sophos’s page on Facebook has thousands of members – sharing information about the latest threats. Today I’m indebted to one member, Robert, who alerted me to a new scam spreading virally across the social network.
Users are seeing updates from their online Facebook friends saying things like:
Amazing how such a harmless prank could cause something so bad! [LINK]
where the link points to a page on Facebook.
If you are tempted into clicking on the link (as many people have been) then you are taken to page urging you to give permission for a third party application to access your Facebook profile.
This is key for the scam to work. The application needs to be able to share its link virally with as many Facebook users as possible – that way, it can maximise revenue for the scammers.
You may not realise this of course. You may believe that you’re simply going to watch a video of a “harmless prank that ends in tragedy”.
If you do give permission to the rogue Facebook application, you’re presented with a page with an embedded YouTube video.
The video, which many may find disturbing even though it is clearly fake, shows a masked man waiting in a house for a returning woman. When the woman enters the house he jumps out on her and she runs out of the house and is hit by a passing car.
The video is available on YouTube, but is restricted to 18 year old users and older because of its disturbing content.
But the whole intention of the scam spreading on Facebook is to trick you into completing an online CPALead-affiliated survey which earns money for the scammers.
If you really want to watch videos like this (and I can’t imagine why you would), I’d urge you to dig them out on YouTube directly rather than helping to put money into the pockets of scammers who are making life on more and more of a drag each day. Because when you give a rogue application permission to access your Facebook profile, they’re going to use it to spread their spammy messages.
If you have been hit by a scam like this, delete the messages from your profile and remove the rogue applications that have access to your account.
Here’s a YouTube video where I show you how to clean-up your Facebook account:
(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)
If you want to learn more about security threats on the social network and elsewhere on the internet, you could do a lot worse than join the Sophos Facebook page.Follow @gcluley