There is yet another virus making the rounds on Facebook, and it’s tricking a lot of users into clicking on it and infecting their computers.
Here’s what the message looks like:
I’ve gotten these Facebook Messenger messages from several of my FB friends. It always has the same content – your first name, followed by “it’s you?“, along with what looks like a link to a YouTube video.
This is a very common tactic in virus emails as well – it’s specifically designed to arouse your curiosity. In fact, one of the most effective tools for spreading malware is the curiosity of the recipient. Lots of people read that and think, “What is this? My friend found a video of me on YouTube?” Of course, they could reply to the message asking about the video and wait for a response from their friend. But that might take too long, right? Curiosity demands an answer now!
The easiest thing to do, to satisfy that curiosity quickly, is to just click on the link and see that video. Except it’s not a video. The image in the email is created to look just like what a YouTube video link looks like, but instead of taking you to YouTube, the user gets redirected to a website that LOOKS just like YouTube (or some other video sharing site), but then a pop-up appears that says you need to install something to allow you to view videos. Completely fake of course, but it’s designed to look completely authentic.
Again, for some people this could still seem to be legitimate, since there are often pop-up messages telling you you need to update this or that software. So they figure they’ll just get this quick update and then be able to view that video they’re dying to see.
But rather than installing or updating a video player, the link they just clicked instead installs malicious software that compromises their Facebook account. And then guess what happens? They start unknowingly sending Facebook message to all of THEIR Facebook friends, with the same link and the same vague “___, it’s you?” message. And the cycle continues.
Except now instead of your friend sending out the fake, malicious messages, now it’s YOUR Facebook account doing this to all of YOUR Facebook friends.
This goes back to one of my top rules for using the internet: Don’t click on any link unless you know exactly, with certainty, where it will take you.
And for the people that “only click on something if it came from someone I know” – this fake Facebook message will ONLY come from someone you know. So the criteria of “someone I know” is not relevant.
You’d think after this same message keeps sending out the same malicious link and download, Facebook might get the hint and block those messages. But so far that has not happened. It’s up to you to be vigilant.
If you do find that your Facebook account has been infected like this (or with any other malicious software) get in touch with me (or whoever you use for computer service) to get it cleaned up. This can be handled remotely so you shouldn’t have to bring your computer anywhere to get it resolved.
