Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Bitdefender - New Facebook Scam Exploits Popularity of Emma Watson

According to antivirus solutions provider Bitdefender, the popularity of British actress Emma Watson has been leveraged by a new Facebook scam to infect users with malware.

Digital Spy published news on 9th October, 2014 quoting Catalin Cosoi, Chief Security Strategist of Bitdefender, as saying "It all starts with a comment on Facebook promising to disclose classified or exposed Emma Watson videos. The comments are automatically posted by Internauts tainted with the malicious software and victims wind up as marketers of cybercriminals like many other cases of Facebook scams."

Clicking on the link by Facebookers or Facebook users directs them to a third-party webpage that emulates YouTube.

Unlike the genuine YouTube, the webpage is fabricated in an attempt to scam by making you believe that the video player in your computer is outdated. Simply speaking, the cyber crooks are expecting that Internauts will dash to download a tainted file without thinking of a possible danger to their security data.

The research team of Bitdefender notes that the malware modifies the browser settings and intervenes their Facebook usage to start distributing messages on behalf of victims without their awareness. A part of this activity includes posting of comments on behalf of the victim and liking and following Facebook webpages automatically, an activity that can make criminals to earn money.

Moreover, victims may discover that their mobiles have been subscribed for SMS services at premium rate which is yet another way of income of Facebook swindlers.

The malware is identified as Trojan.JS.Facebook.A which drops malicious items in the installation folder of Internet Explorer and it can steal anti-CSRF (Cross-Site Request Forgery) token allowing an attacker to hijack a real Facebook session and make changes as if they were users.

Experts of Bitdefender observed that the malicious extension can connect to a command and control (C&C) server and use scripts to access code from other websites and gain control over the activity on Facebook (post comments, follow pages).

The cyber gang behind this campaign appears to try to get the most of it before it is blocked and also seek monetization through online surveys. The bad links perform redirects to localized surveys.

ยป SPAMfighter News - 10/17/2014

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page