“Change Facebook color theme” scam leads to spying Chrome extension

The end of one year and the beginning of another strikes a lot of people as the perfect moment to change something in their life and start with the proverbial clean slate. This need to change something – anything – has seemingly not gone unnoticed by cyber scammers.

In the last few days, Facebook users have been hit by two malicious offers to change how they and others see their Facebook accounts.

First there was the offer of seeing how Facebook will supposedly look in 2013, and then the well-known “Change your Facebook color theme” scheme that is trotted out every few months.

The lure in this last scheme is always the same, but what it requires users to do changes according to occasion – sometimes the cyber crooks want users to use a bogus app that will be able to post spam on their behalf, other times it leads to phishing pages.

This time, the users are required to download a Chrome extension – and accept its EULA and Privacy Policy – that will be able to access their data on all websites, their tabs and their browsing activity (click on the screenshot to enlarge it):

And if a user comes to his senses and refuses to do so, the scammers will try one last scheme and ask him to complete a survey.

“To further improve its legitimacy, and to play by Google’s newly introduced strategy to fight rogue Chrome extensions, the cybercriminals behind the campaign not only hosted it on Amazon’s cloud, they also featured it in Chrome’s Web Store,” says Webroot’s Dancho Danchev.

“Users are advised to be extra cautious when accepting EULAs and Privacy Policies, in particular when installing browser extensions that have the capacity to access sensitive and personally identifiable data on their PCs,” he warns.

Don't miss