Sophos Cloud Optix
Serene Branson, a CBS Los Angeles newsreader, became an unwilling YouTube star overnight after speculation spread that she had suffered a stroke while presenting from the Grammy Awards.
The footage of Serene Branson stumbling over her words quickly became viral, as users on Facebook and Twitter passed the link on to each other.
Although reports indicate that Miss Branson was not hospitalised and is “feeling fine”, interest in the video snippet continues to bubble away – and now scammers are exploiting the news story.
If you see a message like the following posted from one of your Facebook friend’s accounts don’t click on the link.
Omg this reporter had a stroke on live tv check it out [LINK]
If you do make the mistake of clicking on the link – perhaps out of morbid curiousity to watch Serene Brandon struggling in her piece to camera – you will be presented with a screen like the following claiming that what you are about to do is use a “verified app”.
Of course, the Facebook app is in reality a third-party rogue application, designed to make money for the scammers who instigated the scheme.
The scammers’ plan is to exploit interest in the Serene Brandon video, by tricking users into approving an application that will be able to access profiles and post messages onto the walls of Facebook accounts.
Clicking “Approve” is a bad idea, but many people fall for social engineering tricks like this all too easily.
What you probably don’t realise is that behind-the-scenes your own Facebook page has published the link to your online friends and family, encouraging them to also click on the link.
In this way the link spreads virally, increasing the opportunities for the scammers to make money.
And how do they make money? By presenting you with the all-too-familiar survey scam before you can watch the video footage. If you complete the survey, the scammers earn a small amount of commission – and you’ve helped them generate even more by sharing the link virally via your Facebook page.
If you made the mistake of approving the rogue application you should remove it immediately, and remove the offending messages from your Facebook profile before your friends are also roped into the scam.
If you have been hit by scams like this on Facebook, and are struggling to clean-up your profile, here’s a YouTube video I made which describes what steps you need to take:
(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)
Make sure that you keep informed about the latest scams spreading fast across Facebook and other internet attacks. Join the Sophos page on Facebook, where over 60,000 people regularly share information on threats and discuss the latest security news.
You could also do a lot worse than check out our best practices for better privacy and security on Facebook guide.
I think it's sad that scams like this work because there is some percentage of the population that sees the link and thinks "Someone having a stroke on air? I'd love to see that!".
Why wouldnt someone want to see that. Its called curiosity. Do you look away if a car accident happens in front of your face??
Fair point, I think the users might be justified here. For the scammers to make money out of it though, that's just wrong.
correct, you do not look away, but you do not give them your information and your friends and family's information to see that accident.
I have a general question…
Naked security posts almost every day one post about the latest fake facebook application. How exactly is this news? You have posted so many that we have really gotten the point… When I don't check my RSS feeds for a week, I have 20-30 stories waiting for me and at least half of them are about a facebook scam.
Yes facebook scams are potentially dangerous and yes we must be careful. But it is hardly news to anyone anymore. I think you should reconsider your posting policy….
Hi Nick
We recognise that not everyone is going to be interested in the stories of the latest Facebook scams, but – unfortunately – they *do* impact a very large number of people. Although part of our audience is sysadmin types like yourself (who'd hopefully know better than to allow such an app to access their Facebook account) there's also a very large community of folks who are falling for these scams every single day.
In fact, over 80% of the people who visit the Naked Security site each day have never visited us before – so you can imagine that many aren't aware of these scams.
For your interest, the Facebook scam stories are by a long way the most popular stories on our site – we've had many hundreds of thousands of Facebook users reading them, presumably because they have been so widespread and problematical. So although they haven't been your cup of tea, they have helped educate a community which – sadly – Facebook itself has failed to properly protect.
As some of these scams have also delivered malicious code in the past, I think there's a real benefit for corporations too to ensure their users are educated on the threat.
We certainly don't write about every scam we see (if we did, you'd see a dozen new articles by me every day!) but we do try and highlight those ones which use new techniques or appear to be hitting a sizeable number of people.
What we're trying to do with Naked Security is both raise awareness amongst the general public about security threats so regular users can protect themselves better when online *and* provide sought-after expertise for sysadmins such as yourself.
Inevitably, we're not going to please everyone everytime, but we've tried to design the site in such a way that you can easily ignore articles you're unlikely to be interested in (most of our Facebook scam stories will be obvious from their title, for instance, so they can be easily skipped)
And if you use our RSS feed in a tool like Google Reader you can easily choose the articles you're interested in by headline.
I hope the Facebook stories don't ruin your enjoyment of Naked Security too much. We are mindful of not being *too* Facebook heavy on our site, and hope you'll find lots more non-Facebook stuff up there to keep your interest
Thanks again for your feedback which is definitely appreciated as we continue to evolve the site.
I understand both sides. Im a regular user, but I really come here to read the great blogposts on vulnerabilities and counter measures. The Sophos risk report was worth coming here for the rest of the year as I really enjoyed it. I do sympathize with the poster’s frustuation since the “bad guys” facebook strategy tends to be jump on a popular trend, try and trap as many users as they can, and then lather, rinse, repeat.
cheers, btw love your security wrap up on you tube.
Our school district just started using Sophos. Your regular posts on Facebook scams are timely and your site is an excellent resource to which we can point the users. Keep it up. It's just a link, after all, and nobody is forced to click on it.
I have friends who constantly fall for these scams, even though I have posted numerous warning about them.