Facebook has once been considered a rival to YouTube, thanks to the introduction of its video feature and news feed that made it easier for any user to upload and watch content from others. Statistics have consistently shown a rise in the viewing and sharing of videos.
Even Facebook CEO Mark Zuckerberg has deemed [PDF] videos as the dominant content of the future. With views totaling to eight billion on the social network per day now, no doubt this may come true—if it hasn’t already.
As the popularity of videos continue to show no sign of declining or plateauing, we can also expect online criminals to continue to use this feature as lure against unwary Facebookers. Scams come to mind first, and so is phishing. Recently, we’ve seen a campaign of the latter, baiting users with a free “Facebook video application”.
click to enlarge
Note that the text on the user interface is in Spanish. Once translated, the text reads:
Facebook Video Application (Free)
Facebook need to confirm the following information to allow access to this application videos, Login!
It asks for the user’s account credentials in order to access this so-called app. Once they are provided, the PHP script file on the fake Facebook page processes the data, and then sends it to the attacker.
We’ve seen a similar campaign hosted on another fake Facebook page, facebookstls[DOT]com.
click to enlarge
In English, it reads:
FACEBOOK VIDEO +18 (CHECK YOUR AGE)
Facebook need to confirm your age to allow access to this video check your details!
Should you encounter the above pages, or something similar, steer clear. We also advise our readers who are unfamiliar with phishing campaigns on Facebook and what to do if they realized that their credentials have been stolen to refer to this page on the Help Center section.
Other related post(s):
- Facebook Phishing via Apps is Alive and Well
- “Facebook Recovery” Accounts Share Phishing Link, Offer Tech Support
- Scams Within Facebook Press On, Use “Facebook for Business” Hook
- New Facebook Worm Variant Leverages Multiple Cloud Services
- Phishers Hook Facebook Users via SMS
- Browser Extensions and Facebook Profile Viewers
Jovi Umawing (Thanks to Steven for additional information)