A fake version of Facebook’s 10th anniversary celebration video page, ‘A Look Back’, is spreading via the social network and is currently being used to spread malware, according to a report and screenshots posted by Cyber War Zone.
The fake page looks almost identical to the real pages for the Facebook promotion, where users create (and frequently share) a video showing highlights of their time on Facebook, according to Help Net Security’s report, but instead of the video playing automatically, users are prompted to download software.
Cyber War Zone reports that the current version of the scam presents users with a screen using artwork and fonts that look very much like Facebook's own, saying, “Facebook: A Look Back: Click to Install on Facebook.” Cyber War Zone says, “First of all the hackers will try to navigate you to an external website, so keep your eyes open for the green bar in your web browser.”
The site points out that the attackers will likely use “multiple themes” to spread the attack, so it’s not certain that the screenshot posted by the site will accurately reflect every risky link related to the promotion. The site's screenshot clearly shows a prompt to download a file, but Cyber War Zone does not make clear which malware is involved.
Facecrooks' report on the scam says, "These fake Look Back pages closely resemble the real deal.. but their URLs reveal that they are linked to domains outside of Facebook. However, even if you accidentally click on one of these malicious links, you can still save yourself from being infected by malware. Most of these links will prompt you to download software that will supposedly create your video for you but, in actuality, is a piece of malware. Don’t download anything you find offered to you via these links."
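The URL check described in the reports above can be automated. The following is an added example, not code from any of the cited sites; the allowlist, the function names and the sample links are constructed for illustration. It shows why the hostname has to be parsed rather than searched for the string "facebook.com".

```javascript
// Added example: decide whether a link really points at Facebook.
// OFFICIAL_DOMAINS is an assumption for this sketch, not a list from the article.
const OFFICIAL_DOMAINS = ["facebook.com"];

function isFacebookLink(link) {
  let url;
  try {
    url = new URL(link); // same WHATWG parser browsers use
  } catch (err) {
    return false; // unparseable links are treated as untrusted
  }
  // Require HTTPS, the precondition for the browser's "green bar".
  if (url.protocol !== "https:") return false;
  // hostname excludes any "user@" prefix and is already lowercased;
  // strip a trailing dot so "facebook.com." compares equal.
  const host = url.hostname.replace(/\.$/, "");
  // Exact match or a true subdomain; a plain substring test would
  // accept "facebook.com.lookback-video.example".
  return OFFICIAL_DOMAINS.some((d) => host === d || host.endsWith("." + d));
}

// Constructed sample links (the .example hosts are placeholders).
const SAMPLE_LINKS = [
  "https://www.facebook.com/lookback",
  "HTTPS://WWW.FACEBOOK.COM/lookback",
  "https://facebook.com.lookback-video.example/install",
  "https://www.facebook.com@lookback-video.example/",
  "https://lookback-video.example/www.facebook.com/",
  "https://notfacebook.com/lookback",
  "http://www.facebook.com/lookback",
  "not a url",
];

// Return each link with its verdict so callers can log or filter.
function classifyLinks(links) {
  return links.map((link) => ({ link, official: isFacebookLink(link) }));
}

for (const { link, official } of classifyLinks(SAMPLE_LINKS)) {
  console.log((official ? "facebook  " : "EXTERNAL  ") + link);
}
```

Only the first two sample links are classified as Facebook; the rest place "facebook.com" in a subdomain label, the userinfo part or the path of an outside domain, or are not HTTPS.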
Facebook’s promotion has been a success for the company, with spoof versions including Walter White from the TV series Breaking Bad, as highlighted by Mashable, and Britain’s Prince Harry. The site’s own guidelines warn of potential privacy issues relating to the video, where ‘highlights’ including popular posts are chosen automatically: “Keep in mind that if your movie includes things you only shared with a few people, the people you share your movie with will now be able to see everything you included in your movie,” Facebook's FAQ page warns.
Scammers often target Facebook with copies of viral content - or entirely fake, sensational content, such as ‘Giant Snake Swallows Zookeeper’, as reported by We Live Security late in January. Prompting users to either download software, or visit sites outside of Facebook, is also a common tactic.
About.com’s Urban Legends warns against the Zookeeper link, saying, “What it’s designed to do, if you follow the instructions, is spam itself to the Facebook news feeds of everyone you know. It may also ask you to fill out a survey form, which, if you comply, is how the scammers make money. Worst-case scenario, it may download malicious software to your computer, potentially compromising your privacy and security..What it won’t do, ever, is show you the “shocking video” it lured you with in the first place.”
ESET researcher Stephen Cobb offers a We Live Security Guide to spotting Facebook scams: “Can we trust our friends not to make questionable decisions on social media? Apparently not, because our friends might actually be scammers in disguise, or just not well-informed.”
In many cases, scam videos will install a ‘rogue’ Facebook app to spread rapidly via the network - but as reported by We Live Security, such scams can, in the worst-case scenario, lead to tainted sites which infect users with PC malware.