Facebook scams use Casey Anthony and video chat as bait

Attackers prey on the inherent trust of social network contacts and the demand for breaking news to spread new scams.

By Tony Bradley, PC World

If you see a post on Facebook about a Casey Anthony confession, or a link to download the video chat app, run away. These two new Facebook scams demonstrate why the social network is such fertile ground for attackers to target.

Malware attacks frequently use social engineering to spread and current events as bait. With the recent unveiling of Facebook's partnership with Skype to deliver video chat from within the social network, and the public outrage over the acquittal of Casey Anthony, attackers have the key ingredients they need to dupe victims into installing malware.

Facebook Video Chat

Facebook Video Chat is awesome. I would have preferred a Facebook iPad app, and we can debate whether or not it is as awesome as the Google+ Huddles feature that enables group video chat, but it is pretty cool to be able to start a video call with anyone in my social network with a couple clicks of the mouse. But, it is not an app.

The Sophos NakedSecurity blog cautions, "If you see a wall post referencing 'Enable video calls.', don't click it! Send your friend a message that they have been tricked."

There is a right way to enable the Facebook Video Chat service, and it does not involve installing a third-party app. This malware asks for permission to access your information, post on your wall, access posts in your news feed, and continue to access any of this information even when you are not actively using the app.

Hopefully, that would set off some red flags for most users. Why would a video chat utility need to access my news feed or post on my wall--especially when the video chat tool isn't even in use? Users who lack that sixth sense and "Allow" this app will end up spamming all of their Facebook connections and leading them to an online survey site that generates traffic and referral fees for the attackers.
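The permission check described above can be done mechanically before anyone clicks "Allow". The following is an added example, not code from the article or from Facebook: it parses the `scope` parameter of an app authorization URL and flags the capabilities the article lists. The legacy permission names, their mapping to the article's wording, the sample URL and the "self-propagating" heuristic are this example's assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Legacy Facebook permission names mapped to the capabilities the article
# lists. The mapping is this example's assumption, not taken from the page.
RISKY = {
    "publish_stream": "post on your wall",
    "read_stream": "read posts in your news feed",
    "offline_access": "keep access when you are not using the app",
}

# Constructed sample: an authorization link of the kind a rogue app would use.
SAMPLE_URL = ("https://www.facebook.com/dialog/oauth?client_id=000000000000000"
              "&redirect_uri=https%3A%2F%2Fapp.example%2Fcb"
              "&scope=user_about_me,publish_stream,read_stream,offline_access")

def requested_scopes(dialog_url):
    """Return the set of permissions named in an authorization URL."""
    query = parse_qs(urlsplit(dialog_url).query)
    scopes = set()
    for value in query.get("scope", []):
        # Scopes may be comma- or space-separated ('+' decodes to a space).
        scopes.update(s for s in re.split(r"[,\s]+", value) if s)
    return scopes

def review(dialog_url, needed=frozenset()):
    """Flag risky permissions the app's stated purpose does not need."""
    scopes = requested_scopes(dialog_url)
    excess = scopes - set(needed)
    findings = [f"{s}: {RISKY[s]}" for s in sorted(excess) if s in RISKY]
    # Heuristic (assumption): wall posting plus offline access lets an app
    # spam a victim's contacts while the victim is not even logged in.
    self_propagating = {"publish_stream", "offline_access"} <= excess
    return {"scopes": sorted(scopes), "findings": findings,
            "self_propagating": self_propagating}

if __name__ == "__main__":
    report = review(SAMPLE_URL)  # a video chat feature needs none of these
    for line in report["findings"]:
        print("FLAG", line)
    print("self-propagating:", report["self_propagating"])
```
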

Casey Anthony

Casey Anthony is the OJ Simpson of this decade--the tabloid media circus murder trial where the public is sure she is guilty, yet somehow she was inexplicably acquitted. The shock and outrage over the result of the trial make perfect fodder for a Facebook scam.

If you happen to see a message on Facebook proclaiming "BREAKING NEWS--Leaked Video of Casey Anthony CONFESSING to Lawyer!", don't believe the hype. Please. Don't say I didn't warn you.

If you make the mistake of clicking on the link, you will see an "Age verification" confirmation box that reads "Are you older than 13 years of age? Click 'Jaa' button 2x to confirm and play video." The word "Jaa" is actually Finnish for "Share", and when you click the button you are granting permission for the malware to be shared with your Facebook network.

If you are persistent (or oblivious) enough to push on, you will eventually come to a page that appears to be YouTube, but alas there is no such video. Instead, you will be presented with yet another online survey scam that generates traffic and revenue for the attackers.

Attackers expect you to let your guard down because the links are allegedly coming from your social network. Why wouldn't you trust your Facebook 'Friends'? Think twice, or even three times, before clicking on things. Even on Facebook, if it seems suspicious, or too good to be true, it probably is.


Originally published on PC World.
