You’re on Facebook. You notice that one (or several) of your friends “liked” a page named “99% of people can’t watch this video for more than 25 seconds”. Your interest is piqued.
You follow the link and end up on the page, featuring a picture of a young woman covering her face. Selecting the “Video Here!” tab reveals the following:
After that, a pop-up window tries to pass itself off as a “Security Check” and asks you to prove that you are human by selecting a game to play, applying for a gift card, checking out some quotes or completing a survey.
At this point, Thompson stopped clicking. “It’s not clear what the payload is at this point, because we’re still figuring it out, but it’s probably one of the sites that wants to charge you $9.95 a month automatically to your mobile phone account,” he says. “This is the first time that this writer has seen Facebook controlled remotely like this.”
This is obviously a rather successful tactic – the page was “liked” by almost 600,000 users. A quick search on Facebook reveals that the page has been taken down, but this will definitely not be the last time this approach is used.
Users are advised to rein in their curiosity when it comes to similar online content and to ignore instructions that require them to copy-paste any kind of code into their browsers or accounts.