Apr 11, 2011 08:53 GMT

Security researchers warn of a new Facebook scam that uses a Twilight Breaking Dawn game as a lure to trick users into spamming their friends and participating in surveys.

The scam combines clickjacking with rogue apps, so it has two propagation mechanisms. The resulting spam encourages users to go play a new game based on the final part of the Twilight series.

It reads: "Be the first of your friends to play the awesome new Twilight game on Facebook!" and contains a link to a page displaying a poster with a "Play Now" button.

Clicking anywhere on the page forces users to like it and at the same time post the spam message without authorization on their walls.

This is achieved via an attack technique known as clickjacking, where a button is hidden and positioned over a legitimate-looking one so that clicks are hijacked and used to perform unintended actions.
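Clickjacking of this kind only works if the legitimate page (for example a Like button) can be loaded inside an attacker's invisible frame. As an added illustration that is not part of the original article, the following Python helper evaluates a site's HTTP response headers and reports whether a browser would allow another origin to frame it; the sample headers are constructed, and nothing is fetched from the network.

```python
from typing import Dict, Tuple


def frameable(headers: Dict[str, str]) -> Tuple[bool, str]:
    """Return (can_be_framed_by_another_origin, reason) for response headers.

    Header names are matched case-insensitively. A CSP frame-ancestors
    directive takes precedence over X-Frame-Options, as in browsers that
    implement CSP Level 2.
    """
    lower = {k.lower(): v for k, v in headers.items()}

    # Content-Security-Policy: look for a frame-ancestors directive.
    csp = lower.get("content-security-policy", "")
    for directive in csp.split(";"):
        parts = directive.strip().split()
        if parts and parts[0].lower() == "frame-ancestors":
            sources = [s.strip("'").lower() for s in parts[1:]]
            if not sources or sources == ["none"]:
                return False, "CSP frame-ancestors 'none'"
            if "*" in sources:
                return True, "CSP frame-ancestors allows any origin"
            if sources == ["self"]:
                return False, "CSP frame-ancestors 'self' (same origin only)"
            return True, "CSP frame-ancestors allows: " + " ".join(sources)

    # X-Frame-Options: only DENY and SAMEORIGIN are honoured by browsers;
    # ALLOW-FROM and malformed values are ignored, which leaves the page frameable.
    xfo = lower.get("x-frame-options", "").strip().upper()
    if xfo in ("DENY", "SAMEORIGIN"):
        return False, f"X-Frame-Options {xfo}"
    if xfo:
        return True, f"X-Frame-Options value {xfo!r} is not honoured by browsers"

    return True, "no framing restriction header present"


# Constructed sample responses covering the three common situations.
SAMPLES = {
    "unprotected": {"Content-Type": "text/html"},
    "xfo": {"content-type": "text/html", "X-Frame-Options": "sameorigin"},
    "csp": {"Content-Security-Policy": "default-src 'self'; frame-ancestors 'none'"},
}

if __name__ == "__main__":
    for name, hdrs in SAMPLES.items():
        ok, why = frameable(hdrs)
        print(f"{name}: {'FRAMEABLE' if ok else 'protected'} ({why})")
```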

Following the clickjacking, users are prompted to allow a rogue app called "Breaking Dawn" to post on their walls. If installed, this app gives scammers a more persistent way of sending spam from their victims' accounts.

Finally, users who get this far are asked to fill out a survey, allegedly as an account verification method. These surveys earn scammers money through affiliate marketing schemes that pay them commissions.

"It seems that fans of Twilight are only too easy pickings for Facebook scammers, judging by the large number of reports from affected Facebook users we are seeing today," writes Graham Cluley, a senior technology consultant at Sophos.

Users who fell victim to this scam should remove the rogue app from their profile by going to Account > Privacy Settings > Applications and Websites. The spam message posted on their wall should also be deleted and the rogue page unliked.