Facebook Notifications Alert You Right Into a Great Scam and Malware

A friend commented on your Facebook post and you see a notification in the corner of your app or an email arrives getting you all excited to know what that friend said. So you click the included link in the notification or email and Bam! You download malware to your device.

This is one of the scams making its way around Facebook right now. In this scam, merely clicking the link in the notification that you were tagged or a comment was made will not execute the malware. However, if you click on the file that was downloaded, it will. This one primarily preys on users of the Chrome browser using a JavaScript encoded file, but other browsers are likely not immune. A second Facebook scam uses clickbait to lure unsuspecting victims and is getting around Facebook’s filters for malicious links.

Clickbait is a photo or headline that is of a provocative or sensational nature with the intent of attracting clicks, views, or site visits. The objective of the hackers in this second scam is to steal login credentials, which will ultimately allow them to do more phishing. The clickbait is pornographic in nature and theoretically should be caught by the phishing filters.  However, it has not yet been and the links are being posted to various Facebook groups.

When the play button on the video is clicked, the user does not see the promised nude girl, but is redirected to a site where he or she is asked to enter Facebook login credentials and a phone number.

Then the user is redirected to an online survey that collects additional information. In some cases, users are redirected again to another site that downloads a fake version of Flash Player that includes either malware or adware, or possibly both. In any case, it’s not a good thing.

One good thing is that users of Chrome seem to be somewhat protected against the second scam because Chrome blocks one of the sites hosting it. However, the scammers are onto that and are already using other ones that have not yet been identified.

It’s always best to avoid clicking links in email messages or in other types of notifications, especially if they are not expected. Instead, go directly into the app or to the site using a previously bookmarked link or by typing the URL into the address bar, being careful not to mistype it (this could lead to other infections by typosquatters or do-jackers). Use caution when clicking on videos or links in Facebook or any social media. Even if they appear to have been posted by your friends, they may actually come from a hacker who has compromised your friend’s account in some way. If you are suspicious in any way, it’s best not to click it.

If you click a link and it asks you if you want to run a program or execute something else, click the negative option unless you know it’s legitimate. And always keep your computers and mobile devices updated with the latest versions of software. Make one of those pieces of software a good anti-malware product.

The Google Chrome browser has been used in several cases to compromise users’ systems. Not long ago a fake Chrome for Android update was used to steal personal data and last year, the CTB Locker ransomware was circulating masquerading as a Chrome update.

© Copyright 2016 Stickley on Security