14 DAY TRIAL // A few months ago, we warned users about Facebook scams that advertised a black version of the social media website. The scam is back and it’s highly prevalent.
However, in the new variant, the name of the website is spelled “Faecbook” instead of “Facebook.”
“I totally just added the brand new Facebook black,” the scammy posts read.
According to Symantec, the posts don’t contain any links. Instead, the link to the malicious website is added in the post’s comment section.
When users click on it, they’re taken, via multiple redirections, to an external site which urges users to install a Chrome extension.
This extension downloads two JavaScript files from Amazon S3, which are used to create a new Facebook page on the victim’s account.
The newly created page includes an iframe that redirects users to the scammy Facebook Black site.
In the end, the victim is presented with a survey scam. This is actually the part that helps the crooks make money, because they earn a certain amount each time someone completes the bogus offers.
So how do you get rid of Facebook Black?
First of all, uninstall the extension from Chrome by accessing the “Extensions” tab from the “Settings” menu. The rogue extension might be called “Facebook Black,” but if you can’t find it, look for any other extensions you know you haven’t installed on purpose.
Then, delete the Facebook page created on your account. To do that, access the Facebook page, go to “Edit Page” (on the top of the screen), and select “Manage Permissions.”
At the bottom of the screen you should see a “Delete [name of the page]” link. Click it and the page should be removed.
As a precaution, you should also change the password that protects your Facebook account.
Finally, make sure that you delete all the posts published by the rogue extension on your behalf.