Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Facebook Scam Dupes into Pasting Malware Inside Browsers

Researchers at software security company 'AVG' have warned that a scam is circulating across Facebook tricking users into placing malicious JavaScript inside the address bar of their Web-browsers. The trick is enticing users to visit web-pages, which apparently carry a video.

The first web-link embedded on the Facebook's fake profile pages states that 99% of users can't view the video for only 25-secs. Thereafter, it exhibits a girl's photo hiding her face behind the palms. Moreover, viewers are persuaded to hit a tab -"Video Here!" which displays a phony movie player.

On clicking it, users encounter another scam, which promises to show a movie. To download it, they're told about a code that should be pasted inside the address bar of their browser.

However, this code carries a disguised JavaScript that sends out messages to all the contacts of the user if pasted. Subsequently, the code adds a bogus notification of update description to the profile page of the victim to popularize itself.

Roger Thompson, Chief Research Officer at AVG, states that currently there is no clear evidence about the payload's nature although investigation is still on. However, he states that it could possibly be a website, which seeks to automatically charge the user $9.95/month on his cell-phone account, as reported by SoftPedia on July 7, 2010.

It is said that the trick, which asks to paste a particular code into a user's address bar, isn't new. During the end-week of June 2010, a phishing scheme on Orkut demonstrated the same technique that duped users into loading a malevolent JavaScript in their Web-browsers by promising them of certain recharge code for mobile credit at zero cost.

Commenting on this, security researchers stated that while people popularly used browser applications, the latter facilitated the maximum number of opportunities for attack that distributed harmful content. Over and above, most people failed to figure out as to which content meant danger for their PC.

Hence, the experts advise that users should set appropriate security configurations on their browsers and keep all attack warning options enabled.

Related article: Facebook Users Should be Careful of a Computer Virus

ยป SPAMfighter News - 7/20/2010

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page