OFFICIAL SECURITY BLOG
June 18, 2014 | BY Jovi Umawing
Users of Facebook may feel that familiar feeling dawning upon seeing a post, such as the one below, that is quite reminiscent of a viral hoax that hit the Internet late last year. It’s as vanilla-sounding as it gets this time, however.
Clicking the big, red “Play” button leads users to the third-party website, frvideoss(dot)com/serp/, that looks like Facebook but actually far from it.
Once users attempt to watch the clip, they’re instructed to share it first before they can see it—a tactic typically used by survey scammers.
A popup window lets users log in to the social network if they aren’t yet.
Sharing the video and/or closing the popup loads the page, videolafr(dot)com/eng/, which shows a YouTube clip on the background about a now infamous tale of a drunk man in India who was swallowed by a python—an event Snopes said never really happened. Overlaying this is a small window where users can pick a survey they should answer before they are allowed to finally view the video.
The survey, of course, will depend on the region of the user who access the site. Here’s a sample:
If users decide to get off the page, the scammers, in a last attempt, direct them to a page and offers something that may likely change their minds:
Unfortunately, Twitter users are not far from getting victimized by this scam, too, especially if the Facebook account owner set their posts to reflect to their Twitter stream. Case in point:
Dear Reader, if you see video clips being shared around in your Facebook that promotes sensational headlines, never click, Like, or re-share it.
Online social networks are prone to scams and other web threats, like phishing and malware.
As such, what we see in those sites, good news or bad, must be taken with a grain of salt. Best to just steer clear, warn others, and inform affected account owners that they have been scammed.