New Adware Scams Targeting Facebook Messenger

The numbers of Facebook users have grown exponentially over the last few years. The social media giant now boasts over 2 billion users out of which 1.2 billion are Facebook messenger users. This vast number of users has made the platform a hunting ground for cybercriminals.

The latest scam detected by online scam detectives involves a dangerous phishing adware encoded in a message being sent around the world via Facebook messenger.  Just like with other phishing attacks, the virus has been masquerading as a video message from a Facebook friend.

The message in question is received from a person on your Facebook messenger contact list. It reads “David video” with a shocked face emoji accompanying it.  It also contains a link that supposedly leads to a video which is supposed to be shocking.

However clicking on the link doesn’t start the video, it instead redirects the user to a Google document. The page you are redirected to happens to contain a Play video button. Immediately a user clicks the play button, their device gets instantly infected with adware.

Once infected with adware, the scam artist gets unrestricted access to your device information such as the contact list, browsers and operating system. The information gathered helps the cybercriminals determine the best front of attack, essentially which best malicious website you can be redirected to.

For people who use Google chrome, they are mostly redirected to a spoofed YouTube sight which keeps popping up a Fraudulent Error message. The browser then prompts the user to download chrome extension to solve the error. Downloading the extension is a front for downloading a malicious malware. It infects a user’s device forcing it to click multiple ads in the background which can incur financial loses in terms of data usage.

It stands to reason that you should not click on the link once you receive this malicious message on your Facebook messenger app.  Immediately notify the Facebook account holders that they have been hacked and their credentials stolen. Advise them to warn the others not to click the link and also change their passwords.

Comments

comments