Latest Facebook scam is more advanced compared to the previous scams. This one steals users Facebook Email Id, promotes other scam messages, asks users to complete survey and also install malicious browser plugin. Below seen is the sample scam post with a link to fbmugoffer.info.
c
The above link will take you to a page like seen below. They have well designed the webpage to look similar to that of Facebook so that people will believe it. It says "Facebook is giving away ceramic cofee mugs free of cost. Yes, you heard it right, you don't have to pay a single penny. Just verify your identity, and confirm you'nt Bot and we ship your mug right away." And asks you to like the page and Click on Continue.
When you click on continue you will be redirected to the page "http://freemug.info/mug.html" which says some stories and contains a Order now button.
Clicking on Order now will take you to freemug.info/verify.html were it ask users to enter their Facebook email id by accessing the Mobile log in page.
After entering the Email id and clicking verify it will redirect to "http://freemug.info/final.html" were it displays available survey depending upon their location and asks users to complete them.
When examined the site http://freemug.info/mug.html found it containing script to install browser plugin with the name "Youtube Extension".
Once these plugins are installed it monitors whether user access the site facebook.com. Once accessed it runs 2 scripts http://allinfree.net/justinbieberstabbedvideo/script.js and http://allinfree.net/just/et.js which contains code to post the scam message "EXCLUSIVE!!!The Young Love Stolen Video Justin Bieber & Selena Gomez."
Below seen is the sample scam post with the malicious link justin-v10.co.cc.
Where justin-v10.co.cc contains the below page. It contains hidden share button, where ever you click on the video it will be shared on your wall.
c
Also found another variant of this scam containing link to http://embarrassingvideos.blogspot.com/?tviJOEO6 and http://upgradeyourtools.info/justin/
Which prompts you to install malicious browser plugins http://upgradeyourtools.info/plugin/youtube.crx
There are multiple variants spreading across Facebook. So people be cautious when you click on something.
CLICK HERE TO WATCH IT: http://tinyurl.com/boobs1pPis
GUY TOUCHES 1000 BOOBS!!! INCREDIBLE!!!
No comments:
Post a Comment