You’re at your desk, working away, when you receive a message from a Facebook friend. You click on the link. Congratulations! You’ve just fallen for the latest social media adware scam.
While little is known about the adware or those behind it, the adware uses Facebook Messenger to track your web browser activity and pushes you to click on malicious ads or give out personal information. The adware is also able to send messages to people on your contact list. Others will now receive a fake message from your compromised Facebook account.
The message will include your name followed by the word ‘Video,’ a shocked face emoji and a shortened URL. When the URL is clicked, it redirects to a Google Doc with a blurred photo taken from your Facebook page. The photo looks enough like a genuine video to warrant a click, which then redirects to a number of targeted websites. If you use Chrome, for example, they’ll be taken to a website that looks just like YouTube … logo and all. A fake error message will trick the user into downloading a malicious Chrome extension.
The goal is to move unsuspecting users through a set of websites so tracking cookies can monitor activity and display malicious ads or coax users to give up personal information.
Facebook has rolled out a number of automated systems to stop harmful links and files, but you should be very skeptical of shortened URL links sent to you by Facebook friends. Cybercriminals are turning to social media platforms like Facebook as their new target of choice. What can you do? Stay aware and up to date, and tell your colleagues so they won’t fall victim as well.
Discover more compliance news