In a world revolving around social networking, too many applications can be deceptive. Users are constantly advised to act cautiously online: not to grant any application access to contact lists, not to fill in forms with private information, and never to install plugins demanded by various sites unless they are completely sure of their legitimacy.
The plugin, identified by Bitdefender as Trojan.FBFraud.A, will only work in Chrome and Mozilla Firefox browsers. This means that users of other browsers will dodge this threat, being simply redirected towards a blank page.
This will act as a lure for the victim’s contact list. The purpose is to trick as many users as possible into clicking the link, getting infected and acting as vectors for the infected site. Since its debut this January, the scam has been identified on over 1,100 Facebook accounts.
If the user, however, is currently browsing the webpage (the source of this particular scam), they will be redirected to a specific Facebook profile that had previously been injected with an iframe to “transport” users to an external webpage that hosts a survey scam.
This is the classic approach widely used in monetizing cyber-crime: infected victims are offered surveys and services such as the daily horoscope, a phone locating system and ring tones, all of which can be delivered to a mobile phone number indicated by the user. This is, of course, not free of charge. The user must, in return, send an SMS message to a premium rate telephone number.
This article is based on the technical information provided courtesy of Doina Cosovan, Bitdefender VirusAnalyst.