Facebook users are warned to be on the lookout for shady posts that promise free UGG boots. The scheme is designed to lure users to a malicious site that hosts a rogue browser extension.
According to Facecrooks, there are several variants of this scam currently making the rounds on the popular social media website. In one of the variants, the posts read: “To celebrate the winter, we are giving away boots to all facebook users!! Register now [link].”
Those who fall for it and click on the link are taken to a website where they’re urged to install a browser extension that’s capable of accessing the data on all websites, browser activity and even manage the victim’s apps.
Internauts are advised to avoid such websites. They can protect themselves by ensuring that an antivirus solution is running in the background, or by setting up their Facebook accounts in a manner that mitigates such threats.
More details on how to do this are available in the advisory published by Facecrooks.
If you're a victim of this scam, be sure to change your Facebook password and revoke the rights of any suspicious apps and browser extensions.