Facebook Color Change Chrome App Lures Users to Fraud Site

A malicious element hosted on Google Chrome Web Store is advertised as an app that’s capable of changing the color of your Facebook profile.

Facebook scams advertising black, pink or green versions of the social media website have been around for quite some time, but this particular scheme is highly complex compared to what we’ve seen before.

Once the Facebook color change app is installed, it begins displaying large Google Ads banners in the browser, which advertise shady work-from-home jobs. When these advertisements are clicked, victims are taken to fraud websites designed to steal sensitive data, including their Gmail credentials, Bitdefender experts inform.

The Gmail credentials are utilized to generate multiple blogs, all of which are set up to advertise the scheme.

After the blogs are created, the Chrome app starts posting links to them on the victim’s Facebook timeline. To ensure that as many users as possible get to see the scammy messages, the victim’s friends are tagged.

The clever thing about this cybercriminal operation is that each time the app posts on the user’s timeline, the link points to a different blog. This way, blacklisting is avoided.

“Scammers gave a new twist to the old change-your-Facebook-color scheme that’s been luring users to fraudulent websites to grab credentials and other sensitive data. By creating dozens of blogs for a single account, the scam spreads like wildfire among Facebook friends,” Bitdefender Chief Security Strategist Catalin Cosoi explained.

Over 38,000 internauts have already downloaded the malicious app from Google Chrome Web Store.

So far, the scheme has been seen affecting users from the United States, the United Kingdom, Romania, Spain, Germany and other countries.

Google Chrome customers are advised to steer clear of Facebook color changing apps. Experts recommend the use of specialized security solutions – such as Bitdefender’s Safego – that can protect social media accounts against such threats.