Symantec has observed a new spam campaign spreading across Facebook which appears similar to the following:
The message featured in the shared video post may vary slightly as it is randomly generated by using a combination of the following three options:
· I can't believe you're
· i cant believe youre tagged
· what are you doing
· why are you
· why are you tagged
· you look so stupid
· you should untag yourself
· in this vid
· in this video
On top of that, the app_id in the requests is ‘6628568379’, which may cause the post to look as though it was sent from an iPhone when this is not the case. This is done to give an appearance of further credibility to the scam.
Next, the following message is displayed, which has the Facebook “look and feel” – as below. However, filling out the survey doesn’t verify anything. It just nets a survey fee for the spammers.
Unfortunately, the spam video link is also sent to everyone in your friends list in an attempt to keep the campaign spreading. For further details on this, please proceed to Symantec’s Security Response blog post here.
Symantec advises users to be vigilant when they come across messages like these. Think before clicking, don’t paste code into the address bar and, most importantly, keep your software up-to-date.