Facebook users should be on the lookout for suspicious chat messages apparently sent from friends on Facebook that implore them to watch a video by clicking a link.
Scammers are exploiting Facebook’s Messenger service to fool users of the social network into clicking potentially dangerous links that are designed to either steal their login details or trick them into installing malware.
The links arrive over Facebook’s private messaging service (Facebook Messenger) and appear to have been sent by a friend. This is because that friend has had their own account compromised, resulting in it sending you the dangerous link. An example can be seen below.
The links are accompanied by messages such as “You are in this video” or “This video belongs to you?”. The message can vary from scam to scam, but it will always be designed to lure the recipient into clicking the link.
Depending on which variant of this scam you stumble across, you may be directed to either a malware scam or a phishing attack, as described below.
The phishing scam variant
Facebook phishing scams are designed to trick victims into handing over their Facebook login credentials, and this is most commonly achieved by setting up spoof Facebook login pages that look just like the legitimate Facebook login page. However, these spoof webpages will steal any login credentials entered into them and send them to the scammer.
So in this case, the links that appear through Facebook Messenger will link to spoof webpages hosted outside of the Facebook.com domain. These webpages will ask the visitor for their username and password, which, when entered, are sent to the scammer, who will gain access to that account (if the victim didn’t enable two-step authentication, which we recommend they do).
The image below shows an example of a spoof webpage; you can see from the web address at the top that it does not belong to Facebook.com.
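The address check described above can also be done programmatically. The following Python is an added example, not part of the original article: the function name and the sample URLs are constructed for illustration, and requiring HTTPS is an assumption of this example rather than something the article states.

```python
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "facebook.com"  # the legitimate domain named in the article


def is_facebook_url(url: str) -> bool:
    """Return True only if the link's host is facebook.com or a subdomain of it."""
    # Browsers treat "\" like "/", but urlsplit does not, so a backslash can
    # make the two disagree about which host the link points to. Reject it.
    if "\\" in url:
        return False
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname  # drops any "user@" prefix and the port
    except ValueError:
        return False
    # Assumption of this example: a genuine login page is served over HTTPS.
    if parts.scheme != "https" or not host:
        return False
    host = host.rstrip(".").lower()
    # Compare on a label boundary so "notfacebook.com" and
    # "facebook.com.something.example" do not pass.
    return host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN)


# Constructed sample links (the .example hosts are placeholders, not real sites).
SAMPLES = [
    "https://www.facebook.com/login.php",              # genuine host
    "https://facebook.com.video-login.example/login",  # real name used as a prefix
    "https://www.facebook.com@video-login.example/",   # real name in the user part
    "https://notfacebook.com/login",                   # look-alike suffix
    "https://video-login.example\\@www.facebook.com/", # backslash parsing trick
    "http://www.facebook.com/login.php",               # not HTTPS
]


def check_samples() -> dict:
    """Map each constructed sample link to the verdict of is_facebook_url."""
    return {url: is_facebook_url(url) for url in SAMPLES}


if __name__ == "__main__":
    for url, ok in check_samples().items():
        print(("facebook.com  " if ok else "NOT facebook  ") + url)
```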
The malware variant
Alternatively, these links posted through Facebook Messenger may lead to webpages laden with malware. In this case, the visitor is likely to be told to download something to make the video play. This could be a “codec” or video update.
However, it’s not. It is malware that, when downloaded and opened, will infect the victim’s computer.
Regardless of which variant you happen across, both compromise the security of your Facebook account, and if you fall for them, it will likely result in your Facebook account posting the same malicious links to all of your Facebook friends’ accounts. If you do fall for such a scam, remember to change your Facebook password and run a full antivirus scan on your computer.
And remember, just because a link appears to be from a friend, it doesn’t mean they sent it to you. Suspicious links should not be clicked, regardless of whether or not you know the person who sent it to you.