Facebook Scams Upgraded with Web Browser Plug-Ins

The classic Facebook scams have been upgraded to include some cleverly designed web browser plug-ins that allow the masterminds that run malicious operations to make sure their scams are spread out automatically from one social media customer to the other.

Many people have learned that whenever they’re presented with a fabulous prize on Facebook in return for a simple Like or a Share, it usually means that some cybercriminal is trying to spread his malicious scheme with the purpose of making a profit.

Attractive videos or deals that promise free iPads and other cool stuff are usually enough to get an unsuspecting user to click on a scam, but what happens if he doesn’t want to share the scam with his friends?

This is where the new browser plug-ins discovered by Websense come into play. Now, besides the requests to click on different links, victims are also presented with a browser plug-in they are required to install, in order to win the prize.

Once installed, the plug-in uses the Facebook API and automatically posts the scam on the pages that belong to the victim’s friends. This way, each time the user encounters such a malicious advertisement and clicks on it, all his friends will suffer the consequences.

For now, only Firefox and Chrome browsers are targeted, but it shouldn’t surprise anyone if the malevolent components are adapted for other web applications as well.

While browsers usually warn users before installing potentially harmful software, most people will disregard the warnings and carry on with the process.

Everything starts with an apparently innocent link that promises to install a “Premium Plugin.” In reality, the link hides a script that checks to see which browser is being utilized and then installs the variant of the plug-in that is needed.

The malicious plug-in loads a script from an external site, which posts the scam, in the victim’s name, on all of the pages that belong to his friends.

In the most optimistic scenario, users that fall for this scam unknowingly fill the pockets of the crooks with cash from affiliate marketing sites, but there is always the possibility that the links lead to malware.