A fake Facebook interface will display an attractive looking “Hot Video” link. If you hit Play button, you will be requested to download Flash Player.

As usual, a Trojan will be installed on your computer if you agree to download the player — Beware of such links as this technique has become relatively common modus operandi of hackers.

This January, the Guardian published an article about Facebook’s remarkable success with its user-created video program. The article also appraised the increasing growth, viewability and shareability of the social network because the numbers really were impressive.

Must Read: Facebook Users Hit with ‘Your Account Will Be Disabled’ Message Phishing Scam

Hackers might have read that piece from the Guardian and unsurprisingly were quick to take notice and reap its benefits.

facebook-users-hit-with-hot-video-scam-delivering-trojan

This feature has indeed gained unprecedented popularity as the numbers of created, viewed and shared videos is increasing day by day. Considering the ongoing cyber trends, it is understandable that cyber criminals are trying to jump in on the bandwagon and gain some attention.

Must Read: Ask.com Toolbar Can Hijack Your Computer Through Java Updates

Thus, if you receive an interesting post on your Facebook wall having a link to a supposed attractive video then you must realize that you aren’t on Facebook but a fake page located at:

http://storage[dot]googleapis[dot]com/yvideos/video2[dot]html

facebook-users-hit-with-hot-video-scam-delivering-trojan-2

There is an independent group responsible for this scam. Hackers have abused Google’s free online file storage facility for accommodating the HTML page that serves as Facebook’s interface.

Must Read: ‘Guy Removes Blackhead’ Post Delivers Malware to Facebook Users

This is a very common method that’s being used since long by phishers. They use free services such as Dropbox or Google Drive to initiate malicious campaigns like this one.

Malwarebytes reports when you hit the Play button, your computer’s screen will display an error message on top informing you to install Flash Player for viewing the video. If you agree to download, Youtube.SCR file will be downloaded instead of Flash Player file.

Waqas

Waqas Amir is a Milan-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.