Facebook Users, Beware Of Scam

11 February 2012


MANILA, Philippines - Users of Facebook are warned to keep it safe this Valentine season - from "clickjacking."

Online security firm Trend Micro recently revealed an online scam on Facebook primarily victimizing users, using Mozilla Firefox and Google Chrome web browsers. The scam shows itself as an ordinary post from an infected account inviting other users to install a Valentine's theme on their Facebook profile.

Clicking on the post will redirect users to another page which will ask to install theme. But what will really be installed is a malicious file FacebookChrome.crx. Trend Micro detects the file as TROJ_FOOKBACE.A and will execute scripts to display ads from certain website.

In addition, it will install an extension Facebook Improvement, Facebook.com, on your browser. The browser is said to monitor the user's browsing activities as well as redirect them to a survey page asking for their mobile number.

If you are using Microsoft's own Internet Explorer (IE) browser and you clicked on the post, you will be directly redirected to the same survey page without asking you to install anything.

The attack, Trend Micro said, is mainly intended for Chrome and Firefox users.

Regardless of what operating system the user is using, anyone using Chrome and Firefox browsers are vulnerable to the attack. Trend Micro said that it hasn't identified how many users are already affected by the malware, but it is not the first of its kind.