Miley Cyrus Tape Scam Designed to Swipe Facebook Authentication Tokens

There is no video, only bogus surveys and account takeovers

By on September 28th, 2012 14:07 GMT

Facebook scams that advertise the secret intimate tapes of various celebrities are not new, but because they’re fairly successful, cybercriminals continue to rely on them to achieve their malicious goals.

According to Bitdefender's HotForSecurity blog, the latest scheme starts with a post that allegedly leads to a private video featuring Miley Cyrus. When victims want to play the clip, they’re asked to verify their age.

How? By copying their Facebook authentication token and by pasting it into a designated textbox.

Of course, even after the token is handed over, there’s no video of Miley Cyrus. Instead, the victim is presented with a classic survey scam which – if completed – earns the scammers a certain amount of money.

However, this is not the main issue. By giving the crooks the authentication token, the unsuspecting Facebook customer is actually allowing them to access his/her account.

Users who fall for it will see their Timeline flooded with posts advertising the aforementioned video. Even worse, all their friends will be tagged to make sure that they don’t miss it.

If you already fell for it, we hope that you removed all the posts about the Miley Cyrus tape before your grandmother saw them.

5 Comments