Facebook users hit with “You are in this video?” malware scam

Until now you must have heard about so many scams involving Facebook Messenger that whenever you see a suspicious chat message sent from other friends on your Facebook profile, you instantly feel alerted. However, there are still innocent Facebook users who fall prey to such scams every other day.

The latest scam also uses the same strategy, that is, you will receive a link on Facebook Messenger chat window. The message shows a link having the title “You are in this Video?” and requests the recipient to click on it to see the video that features him/her. The title may vary in different messages, such as it could be “This video belongs to you?” or something like that.

Screenshot of a chat where malware-infected link is being sent to a victim.

More: Scammers Using Images on Facebook Messenger to Drop Locky Ransomware 

This is an old-school, widely tried-and-tested strategy through which scammers lures innocent users to click open dangerous links designed specifically to steal login credentials or infecting the victim’s computer system with malware. Many users get trapped in this scam mainly because the message appears on the social network’s private messaging service, the Facebook Messenger, and it is apparently sent by a friend. The reason why another of your Facebook contact sends you this malicious message is that his or hers own account has already been compromised.

The scam utilizes the natural inclination of users to check out a message in which their friend claims that they are featured. When the recipient clicks on the link, they become a victim of phish attack or malware scam. The phishing scam tricks victims into providing their login credentials by directing them to fake Facebook login pages, which seem totally genuine to users. These fake pages then steal the login information and immediately transfer it to the scammer.

In this particular scam, the fake login page does not show the Facebook.com domain but asks the victims for their username and password. When the information is entered, the scammer accesses that account if two-step authentication is not enabled by the user.

Another variant of this scam is the malware scam. The link that appears on the Facebook Messenger chat window directs the victim to sites infected with malware. The victim is asked to download a codec, plugin, video update or some other software in order to be able to play the video. When the user downloads the requested software, it infects the entire computer system.


It must be noted that these two methods are being utilized by scammers in this latest scam. You may receive any one variant but the basic purpose remains the same, to hijack your Facebook account. Then your account will be used to send this malicious link to other contacts on your profile page.

More: Facebook Post Tagging Scam Steals Your Login Credentials

It is recommended that if you have fallen for this trap, do change your Facebook password immediately and run an anti-virus scan to cleanse your computer of viruses and bugs.

Waqas

Waqas Amir is a Milan-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.