Posted By: ITWiser Webmaster - Yorkshire's IT Specialists
Posted By: IT Wiser
Facebook Colour Changer Hits Users with Malware
As if there were not enough reasons to install Cloud Web Security, a new version of a not-so-new Facebook scam has duped more than 10,000 people into downloading malware.
Called the ‘Facebook Color Scam’, the malware works by tricking users into downloading a malicious program via a website that claims to make it possible for users to change the classic blue Facebook colour scheme. Hackers first rolled out the deceptive malware back in 2012 and again in 2013. Apparently it worked well enough on both of those occasions to warrant a third run and, according to Chinese internet company Cheetah Mobile – which was first to discover the new iteration – colour scam circa 2014 has been pretty successful too, affecting thousands of Facebookers around the world.
“The phishing site has two ways of attacking consumers. First, by stealing the users Facebook ‘Access Tokens' by asking them to view a colour changer tutorial video. At this point the hackers gain temporary access to these tokens, which allows them to connect with the user's Facebook friends,” explained Cheetah in a blog post.
“If a user doesn’t view this video, it then tries a new way to spread the malicious software, by getting consumers to download a malicious application.”
For PC users this malicious application is a pornography video player – generally a clear sign that something is not quite right.
The Facebook Threat
The threat of malware in Facebook is huge. The social network had 1.32 billion active users in the second quarter of 2014; it has become a critical tool in modern business, with companies relying heavily on social media to promote products and engage with fans.
The sheer size of the site makes it a perfect target for hackers to infect unsuspecting users. In a recently-released list of top Facebook scams for 2014 by Bitdefender, malicious downloads such as ‘total profile views/visitors’ and ‘find out how to see who viewed your profile’ – both of which may be appealing to social media teams looking for analytics data – featured prominently alongside colour changer.
While these tools appear to be helpful, clicking on them in a newsfeed could land you with potentially damaging malware.
Thanks to a powerful antimalware engine, advanced antivirus protection and URL content filtering, Cloud Web Security is capable of ensuring your social media department remains safe when using sites such as Facebook for business purposes.
Social engineering proponents know exactly how to push the right psychological buttons to lure in victims and even the savviest of Facebook’s users could find themselves falling into their trap. Fortunately, Cloud Web Security knows no emotion and works only to keep you virus free.