One of the oldest Facebook The color change scam tricks
users into downloading ''malware'' via a site that claims to let users change the
colors of their Facebook profile.
The latest
iteration of the scam has already affected more than 10,000 people around the
world, according to Cheetah Mobile, a Chinese Internet company that highlighted
the most recent appearance of the scam in its blog.
The malware begins
by advertising an app that tells Facebook users they can change the color theme
of their profile. Download the app and you're directed to a malicious phishing
site, according to Cheetah Mobile's security researchers.The website targets
users in two ways.
First it steals the users' Facebook Access Tokens by asking
them to view a color changer tutorial video. Temporary access to the tokens
allows hackers to connect to the user’s Facebook friends.If a user doesn’t view
this video, the site then tries to get them to download the malicious
application. If a user is on a PC, the site leads them to download a
pornographic video player.
If the user is on an Android device, the site issues
a warning saying the device has been infected and advises users to download a
suggested app.Anyone who has already fallen victim to the scam should uninstall
the app immediately (this can be done from the "app" menu in your
Facebook settings) and change their Facebook password.
Comments
Post a Comment