Today, scams and hoaxes are part of social media like Facebook. New scamming act is currently making website’s round, after previous reports of privacy notice post hoax spreading on the social networking website was found. It has been reported that at least 5,000 computers have been infected with a backdoor Trojan.
Bogdan Botezatu of HotforSecurity reports that cyber criminals have created a malicious tagging scam, which starts with an alleged “video,” in which 20 friends are tagged in. Looking at the “video” in the Facebook post, it displays a goo.gl host, which is a URL shortening service, and not a video hosting website, which makes the post very suspicious. The page can serve malware to various devices like Android phones, PC’s, PlayStation consoles, TV sets, smart cars, and media players. After this, you’re redirected to a SMS service that tries to provide you a premium service of some sort that costs less than $5, not to mention that a number of redirects are made where some of them even tell the hackers about how many of the users have actually fallen for it. The downloaded file is reportedly not a Flash player installer, but instead an SFX file (self-extracting executable archive) will greet the user.
Botezatu explains further:
“Users who click the respective video are sent to an external page, where their user-agent (the browser and operating system identifiers) is analyzed so hackers know where to redirect the victim. After all, it wouldn’t make any sense to redirect an Android user to Windows malware, would it?”
Best solution to avoid this kind of threat is to install anti-malware solution to receive alerts about these scams if they try to hijack your device and also can get rid of any files that seem suspicious.
Who is the culprit behind the Facebook auto tagging malware
There are several versions of the scam which have been traced. Most importantly, all types of spams are found to be operated by a Turkish cyber-criminal known as “schwarzback”. The following image shows some clones of the real-time analytics embedded which attacks the users. Statistics revealed that more than 5000 people are falling in the bait every hour.
What can you do? Some important safety measures!
1. Install Anti-malware in your PC. This can solve a part of your problem.
2. The most important safety measure is to know how to hold on your curiosity! It’s good to be curious but not in Facebook. Before blaming Facebook, always try to keep your eyes open and read the instruction before sharing or clicking any content. Yes, the hot bod of damsels and the alluring sex tapes might blow your mind, but in every app Facebook informs you what this app will get access to. Some apps get access to Friend list, chat content, birthdays. That’s how they give the result that your beau will be you Valentine of this year in the “Who will be my valentine” apps. So basically beware.
3. Try to check the pattern. Auto tagging scams generally select 20 or 50 people. The link below the screen shot will be suspicious.
4. The screenshots look like YouTube videos but they are actually the snippet image of the links. So you must know if it’s actually a YouTube video or a trap. For a real YouTube video link, if you take the cursor over the red play button, the button bulges out but this will not happen in case of malware. Be careful.
Hope you will get an idea of how to deal with it.