These days, it’s become very much easy to get rid of an email from an unfamiliar source telling you to download a file or click on a link. Thanks to its spam-like features. However, it’s very rare to detect such messages on a social media platform such as Facebook Messenger. In fact, deleting it becomes a problem especially when it’s being sent by a friend. This is particularly the case with the recent social engineering scheme.
Here is what you need to know to stay safe.
What is this adware all about?
Not very much is known about the adware and its progenitors. David Jacoby, senior security researcher at Kaspersky Lab was the first-known person to uncover it when he discovered that a message received from one of his friends was contravening. The adware basically employs Facebook Messenger to track users’ browser activities and sets them off to release personal information or click on malicious ads.
How it operates
The adware is capable of sending messages to friends of the victim. Basically, it clickjacks and hijacks credible information from Facebook users. If you’ve got a friend whose FB account has been compromised, you are very much likely to receive a phony message from his or her account.
The message usually includes the name of your friend an abbreviated URL and a shocked face emoji succeeding the word “Video.” Once an unsuspecting user clicks on the URL, they will be redirected to a Google Doc with a distorted photo of their friend masked as a video. Clicking on the video does not play it but redirects users to any of the targeted websites based on their location, operating system, and browser.
For instance, if the user is on Firefox, he or she will be redirected to a site with a Windows adware executable and a false Flash Player update notice. The same thing applies to Google Chrome users. They will be sent to a website that resembles YouTube once they click on the video. There is a fake error message on the hoax website which is aimed at deceiving users to download a malicious Chrome extension. Although the adware appears to be hidden in a .dmg file, the same also applies to OSX.
Basically, it is aimed at moving users’ browser via a range of websites so their activities won’t be monitored by tracking cookies. Through this, you can be “social engineered” and tricked to release confidential information.
How to stay safe
A number of automated systems have been released by Facebook to restrict the flow of harmful links and files. Upon suspicion that a user’s account has being hacked by an adware, Facebook will offer a free antivirus scan. Nevertheless, users are advised to be conscious of any shortened URL links sent to them by those on their contact list.