The attack appears still to be spreading via Facebook’s chat system, exploiting compromised users’ accounts.
Facebook says the people behind the attack are exploiting a browser vulnerability that allows “self-XSS”.
A rogue application is spreading via Facebook, claiming to offer easy invitations to Facebook’s new rival in the social network market, Google+. If you visit the page, you are invited to allow a third-party application to access your Facebook account.
Just like with previous scams, they are leveraging Facebook with sensational headlines to target ignorant victims. This version says something along the lines of “one more stolen home porn video Rihanna and Hayden Panettiere” or “Hot Lesbian Video – Rihanna And Hayden Panettiere!!” or “Rihanna And Hayden Panettiere !!! Private Lesbian HOT Sex Tape stolen from home archive of Rihanna!” followed by a link. According to Sophos, the link unsurprisingly has nothing to do with either of the two celebrities, and will instead try to infect you with malware, at least if you’re using an Apple Mac.
In a bizarre and hard-to-understand move, a Facebook page which claims it helped countless Facebook members stay safe online on the social network has been shut down… by Facebook.
IT security and data protection firm Sophos has warned Facebook users to be wary of bogus event invites that are circulating on the social network.
Several Valentine’s Day scams are spreading, along with a falsely promised video of an Italian schoolteacher striptease.