We have been following Facebook scams for quite some time. Several of our readers have reported, and we have seen firsthand, the viral spread of malicious links via Facebook Chat. Virus-infested chat links are nothing new to Facebook. It is a common ploy of hackers, scammers and purveyors of malware to hack a Facebook account and then send infested links to the friends of the hacked account.
The new method of malware delivery uses a rogue Facebook application. This is a clever trick on the scammers' part: it is a lot easier to get the average Facebook user to install a Facebook application than it is to hack a Facebook account.
Below is the scam posting we ran across tonight. At first glance nothing seems that out of the ordinary. (Kudos to this user for warning his friends to steer clear of the links!)
When a user clicks on the bit.ly link, they are presented with the following Facebook application permission screen:
Now this is where things get interesting. This particular rogue Facebook application requests permission to “Access Facebook Chat.” Allowing the application developer this access gives them permission to send chat messages to your friends. The people receiving these messages will likely think the link is coming from a trusted friend. We have heard reports that these links lead to viruses and/or malware infestation.
It is also important to note that changing your password does nothing to stop this type of attack. These chat-jacking scams use a rogue application, so the app must be uninstalled to prevent the viral spread of the scam. Changing your password only helps if the chat messages are coming from a hacked account.
One account with the rogue application installed could literally infect hundreds of users if they do not suspect the link. Now, more than ever, users must take responsibility for the applications they install and the links they click while on Facebook. Always be suspicious of any links you receive via Facebook Chat, and be more careful and selective about any Facebook applications you install.
If you are ever in doubt about a potentially malicious link, you can use the AVG online link scanner to check it out.
One of the most popular chat-jacking scams uses the following message (or some variation):
This problem is so widespread and pervasive that we have started a petition asking Facebook to limit application developers' access to Facebook Chat or to require a proper vetting procedure before granting it. Please support this initiative by signing the petition.
If you or your friends made the mistake of installing the rogue application, you should clean up your newsfeed and profile to remove references to the application (click the “x” in the top right-hand corner of the post). You also need to access your privacy settings and remove the application from your list of approved Facebook applications (Account / Privacy Settings / Applications and Websites).
If you or your Facebook friends are falling for tricks like this, it’s time to get yourself informed of the latest threats. Be sure to join the Facecrooks page on Facebook to be kept informed of the latest security issues.