Cybercriminals are trying to trick users into installing a Trojan on their computers with the aid of Facebook posts that advertise a private video of one of their friends.
Facebook scams are highly common these days. However, in most cases they’re only designed to dupe internauts into taking part in surveys. In this case, the cybercriminals’ goal is to distribute a piece of malware.
According to Bitdefender, the messages posted by cybercriminals on Facebook read something like “[user name] private video,” “[user name] naked video” or “XXX private video.” The user name is someone from the potential victim’s friends list.
When the links from these posts are clicked, users are taken to a fake YouTube site that appears to show a video that’s already been viewed by millions of people. However, victims are told to update their Flash Player in order to access the content.
The Flash Player update is actually a Trojan. The threat installs a web browser extension that’s capable of hijacking the victim’s Facebook account to steal their photographs and spread the scam posts.
The scam posts published by this rogue extension on users’ timelines tag the victim’s friends to attract their attention.
If you come across such posts on Facebook, don’t click on them. If you’re already a victim, remove the rogue extension from your web browser and scan your computer with an antivirus program. Bitdefender solutions detect the threat as Trojan.FakeFlash.A.