A Facebook replica site attempts to push a malicious browser extension
Facebook members may be offered a link to a video that shows how Chuck Norris died, but instead of a video, they’re either served with a survey scam or a malicious browser component.Graham Cluley provided a variant of the scam that urges users to click on a link that redirects them to a survey scam which offers tons of prizes in return for some clicks and personal information such as email address, name, postal code, telephone number and birth date.
“[video] Chuck Norris dies at age 71! Not a Joke.[LINK] See the video to find out how he died. News today of Chuck Norris death at age 71 has been met with confusion and humour, but sadly it is true,” reads the scam message.
Another variant we’ve found is much more dangerous than this. It leads the unsuspecting victim to a malicious website that tries to replicate a Facebook page.
A video window urges the user to install a “Youtube Player update” in order to view the video. Of course, as in many similar cases, instead of a genuine component update, the site pushes a browser extension called youtube.xpi.
Once it’s installed, the malicious element may give cybercriminals control over the victim’s browser and assets.
The phony website that hosts the scam is called appddd.info and it’s designed to dupe visitors into believing that a few thousand people Liked the page.
Users are advised to ignore fake news and check out their validity from trusted sources before rushing to click on suspicious links.
If by mistake you’ve already shared the scam with your friends, make sure to remove it from your wall. On the other hand, if you fell victim to the second variant and installed the malevolent browser extension, access the application’s settings menu and remove it before it can cause any damage.