McAfee, the online security company, released a threat report yesterday detailing a disturbing rise in Facebook malware. Most notably, a bug that hijacks users’ profiles called “Koobface” has tripled its reach so far in 2013.
“The resurrection of Koobface reminds us that social networks continue to present a substantial opportunity for intercepting personal information,” Vincent Weafer, senior vice president of McAfee Labs wrote in the report. “The resurgence demonstrates that the cybercriminal community believes that social network users constitute a very target-rich environment of potential victims.”
The scam, first reported in 2008, works by sending innocuous-looking messages to Facebook users featuring a link to a video. Once users click on it, they are prompted to download “special video software” they need to view it. However, once they attempt to download the phony software, the malware bot takes control of their profile and posts spam messages under their name.
As insidious as these scams are, they can be easily avoided by never clicking on links that don’t originate from a trusted source. Facebook users should read all link URLs carefully before clicking to ensure that they’re legit. If something seems fishy, don’t click through it, and definitely don’t give personal information if prompted.