Facebook scam remotely executes actions on your account

You’re on Facebook. You notice that one (or several) of your friends “liked” a page named “99% of people can’t watch this video for more than 25 seconds”. Your interest is piqued.

You follow the link and end up on the page, featuring a picture of a young woman covering her face. Selecting the “Video Here!” tab reveals the following:

So, in order to see the video, you must copy the javascript from the text box to the address bar of your browser. If you don’t know it yet, let me tell you that’s really a bad idea.

AVG’s Roger Thompson took the next step for you and found out that the javascript in question automatically makes you “like” this page – making this preference pop up on your account profile – and sends out invitations to your friends to visit the page.

After that, a pop up window tries to pass itself as a “Security Check” and asks you to prove that you are human by selecting a game to play, apply for a gift card, check out some quotes or complete a survey.

At this point, Thompson stopped clicking. “It’s not clear what the payload is at this point, because we’re still figuring it out, but it’s probably one of the sites that wants to charge you $9.95 a month automatically to your mobile phone account,” he says. “This is the first time that this writer has seen Facebook controlled remotely like this.”

This is obviously a rather successful tactic – the page was “liked” by almost 600,000 users. A quick search on Facebook reveals that the page has been taken down, but this will definitely not be the last time this approach is used.

Users are advised to rein in their curiosity when it comes to similar online content and to ignore instructions that require them to copy-paste any kind of code into their browsers or accounts.
