A new scam is making the rounds on Facebook, reports one security company. Not unlike previous scams, this one uses the lure of an attention grabbing "breaking news" story in order to try and snare victims.
According to Sophos Security, the company is seeing an uptick in a 'breaking news story' that says the U.S. has attacked Iran and Saudi Arabia, as a precursor to World War 3.
Sophos shared a screen shot of the status message making the rounds which says, "U.S. Attacks Iran and Saudia Arabia. F**k :-( [LINK is included] The Begin of World War 3?"
Users who are intrigued enough by the status and click the link to learn more about this 'news' are brought to a website that looks like CNN.The falsified CNN page displays an image showing a tank, with a claim to have video footage of the attack. However, it's not a video; if the user clicks, he/she is asked to install an update to Adobe Flash.
If the users go far enough to attempt to add Flash, there is no video. Instead they've installed malware on their computer. Sophos has examined the malware and determined it to be a Trojan dubbed 'Troj/Rootkit-JV' onto systems running Windows. Sophos also said the malware behaves like an infection called HPsus/FakeAV-J.
Right now the origin appears to be unknown and Sophos said it's not yet clear how the status update is being spread so quickly.
Exploiters have a tendency to use attention grabbing headlines, and social media outlets, such as Facebook, provide the perfect environment to rapidly spread malware.
In the past exploiters have used several world events, either real or falsified, in order to try and scam Facebook users into downloading malware. Last summer saw video scams which offered supposed footage of the tragic Oslo bombing and shootings, Amy Winehouse's purported death scene, and a leaked video of Casey Anthony 'confessing'.
World and/or other news events are not the only bait used in video scams. Exploiters also often use 'shocking' story leads about people, or fake a story about a celebrity. A good general rule of thumb is to never click on anything that sounds 'sensational', even if it comes from a trusted friend or connection, because the friend may have fallen victim first. Instead, turn to search engines and trusted news sites. If any of these purported events are taking place, the incidences will be reported in the media.
Digital Journal recently reported on another scam circulating on Facebook, relating to the network's new Timeline feature.
Rogue applications and fake videos are not strangers to Facebook. Scammers love to use Facebook as a platform to exploit. It's an appealing online environment due to the large number of members using Facebook and rapid ability to share the bait to other potential victims. After all, with a notable 845 members, if even a small percentage of those lured actually fall for the scam, it's still a good payoff for scammers.