Security researchers at Avast, an antivirus company, have found a link that has been spreading rapidly on Facebook and Twitter that prompts users to download malware that looks like Adobe Flash Player technology. Once users download the fake Adobe software, the scammers can take control of a user’s profile, posting to their feed, liking pages or becoming a fan.

The hack works by installing a fake extension to a user’s Google Chrome or Firefox browsers, making the download appear legit. While the attacks have only been tracked in Turkey so far, but experts at Avast warned that other cybercriminals could soon copy the techniques of the clickjacking attack.

Clickjacking scams like this one are all too common on social media, where users are more likely to trust links posted by their friends. However, avoiding these scams ultimately comes down to common sense. Before clicking on any link, and especially before downloading any software, examine the content of what you’re about to download carefully. If it doesn’t look or feel right, or if it doesn’t seem like something that your friends would post, then don’t click. While hackers exploit users’ inherent trust of their friends, looking at shared content with a more discerning eye can easily prevent you from falling prey to cons like this one.

If you have been hit by this or similar scams, then use this guide to remove the rogue browser extension:

How to protect your Facebook account from Rogue Browser Extensions