14 DAY TRIAL // A new viral scam is making the rounds on Facebook tricking users into distributing spam by falsely claiming they appear in a video posted on YouTube.
The scam uses multiple spam messages including: "YO [name] why are you tagged in this video", "hey [name] i cant believe youre tagged in this video", "hey [name] you look so stupid in this video" or "OMG [name] why are you in this video."
The messages include a video player thumbnail and claim the video is from youtube.com. A random number of views and likes are displayed next to the image.
Clicking on the included link takes users to a page asking them to paste some code into their browser's address bar.
Of course, doing so is a very bad idea as the code is designed to repost the spam message on the user's wall without their approval.
This code pasting trick is one of the more traditional ones, however, since it's still actively used by scammers it means it continues to have desired effect.
It's interesting that this particular scam comes a few days after Facebook introduced an anti-xss filter aimed to detect and block exactly this technique.
"Now, when our systems detect that someone has pasted malicious code into the address bar, we will show a challenge to confirm that the person meant to do this as well as provide information on why it’s a bad idea," Facebook said in the announcement.
It's not clear whether people are clicking through Facebook's warnings without reading them or if the new protection mechanism still needs some tweaking to properly detect the rogue code.
Users who have been affected by this scam are strongly advised to remove the spam messages from their walls by clicking on the x which appears in the upper-right corner when the mouse pointer is hoovered over them. This will prevent their friends and family members from also falling victims to the scam.