If you’re the kind of person who gets a kick out of watching leaked videos and photos of celebrities, then you’re precisely who cybercriminals are targeting with the latest malicious scam spreading on Facebook.
Researchers at Bitdefender have discovered that computers are at risk of being infected with malware, if their owners are lured into clicking on links shared via Facebook purporting to contain a private video of Emma Watson.
There isn’t really a video of the British actress, best known for playing Hermione Granger in Harry Potter, of course. Her name and image is simply being used as bait.
When Facebook users click on the link they are taken to a third-party webpage which pretends to be YouTube.
Unlike the real YouTube, however, the webpage is designed to trick you into thinking that your video player is out of date. In a nutshell, the criminals are hoping that internet voyeurs will rush to download a malicious file and not think of the possible dangers to their data security.
Video Player Error
Our system detected that you are using an outdated Video Player version, in order to watch videos on Youtube please update to the latest secured version of Video Player by clicking [the] ‘Upgrade Now’ button below.
Once you download and install the update refresh the browser to watch the video.
Bitdefender’s research team says that the malware changes the user’s browser settings, and meddles with their use of Facebook to start sending messages on the victim’s behalf without their knowledge. Some of this activity can include posting comments on the user’s behalf, and automatically liking and following Facebook pages - an activity that can help the criminals earn money.
In addition, victims may find that their mobile phones have been signed up for premium rate SMS services - another common source of income for Facebook scammers.
Bitdefender’s product detects the attack as Trojan.JS.Facebook.A and Trojan.Agent.BFQZ, and more information about the attack is available on the security vendor’s website.
If you are on Facebook, and want to be kept updated with news about security and privacy risks, and tips on how to protect yourself online, join the Graham Cluley Security News Facebook page.