With newer ways to hack into Facebook coming in pretty frequently, hackers are now getting into Facebook accounts by luring users to watch a new hot “leaked video of Selena Gomez and Justin Bieber.” In an alert issued to Facebook users, security software vendor Symantec has warned them not to click on strange links, even if they’re from friends, and notify the person if they see something suspicious while urging users not to click on friend requests from unknown people.
According to Symantec, the scam fools victims into downloading a fake browser plug-in. The scenario is pretty simple: the victim is lured into watching some video; but instead of asking the victim to share/like the video, (which we have seen in many scams) the scammers present the victim with a fake plug-in download image, which is required to see the video. Once the victim clicks on the image, the user-agent info is retrieved and accordingly, the fake plug-in is downloaded.
A script named extra.js, then posts a fake image (which pretends to be a video) on the victim’s profile thereby further spreading the scam, the Symantec notice added. As an additional precaution Symantec has advised Facebook users to review security settings and enable login notifications – that can be found in the drop-down box under Account on the upper, right-hand corner of the Facebook home page. Users have also been advised not to download any uncertain applications.