No matter how often fake “See who viewed your profile” apps are touted on Facebook, there are always users who fall for the trick and follow the steps the scammers require in order to use them.
BitDefender researchers have recently spotted a variation of that scam, and it has been targeting Spanish-speaking Facebook users. As usual, the user sees a variation of a message on his friends’ feed, saying that that person is spying on his Facebook conversations and that he can do the same if he installs the touted app.
The offered link takes the user to a bogus Facebook page titled “Espia el chat 2001” (“Spy (on) the chat 2011”), and instructs the targeted user to follow a few steps in order to reach a page from which the app can be downloaded.
The first step is to “Like” a number of pages whose names are not shown. “Click on all the ‘Like’ buttons or you won’t get access to the content”, the message warns.
The next two steps require the user to input his name and country. After that, finally, he is allowed to download the app. But it’s not an app – it’s a Chrome add-on. Also, notice how the name has changed to “Espia conversaciones 2012”, and that it will have access to the user’s data on all websites.
Once installed, the add-on will use that access to present the user with sponsored ads each time he starts his browser.
In addition to that, it will also apparently reconfigure the user’s Facebook account and add new features: Manage functions, Activity filters and Profile skins. These features are just a cosmetic addition – they actually can’t do anything. And, as the user may or may not notice at first, there is no trace or mention of a feature that would allow him to spy on conversations.
But the scammers have achieved their goal – not only did the user “Like” some pages in which the scammers are obviously invested, but he has also shared his name and country – information that will surely be used for customizing future spam runs. I am merely surprised that they didn’t throw a survey (or three) into the mix.