Facebook virus is a common (and partially misguiding) name for spam messages in Facebook. These notifications are spread from accounts of your “friends” on Facebook. Don’t misunderstand, they didn’t become spammers – reasons for such behavior do not depend on them. However, first things first. Let’s figure out all aspects of this old-new online scam.
Explaining the Facebook virus.
Before talking exactly about the Facebook virus, let’s figure out why this platform is so popular among fraudsters. Facebook is one of the most popular social networking sites around the globe. Massive user flow allows you to earn money on advertising, online retail, and other activities conducted via this network. And cybercriminals cannot ignore such a possibility. They are always looking for ways to make money illegally, and a huge social network is likely an ideal place.
The steps they perform are next: in one of a huge variety of ways they obtain the credentials of the accounts they will use to send spam. After that, cybercriminals start the spamming campaign, sending the messages to all “friends” of the hijacked account. Messages may have quite dubious contents; sometimes, it is hard to believe that this person sent you this. “Get a $1000 Amazon gift card” or “Perfect program to check the hidden information about the Facebook user” from your mom’s account is a dubious thing, isn’t it? Besides the clickbait text, this message also contains a strange link to an unknown website. Such sites usually used to distribute different viruses, such as adware, potentially unwanted programs or browser hijackers.
Sometimes, the message content may be different from the described shape. Text may look like a phrase “Is it you?” or “Look, it is likely you on that video”. The “video” they are talking about is also in this message. But at the point when you click this video, the scam uncovers: your browser will open the same page as it was in the “classic” variant, and the virus will be downloaded.
Let me say several more words about the account hijacking. Usually, for the spamming purposes, the accounts are stolen with spyware – a specific type of virus which sits deeply inside of your system and steals all valuable information. Information about your PC configuration, passwords, credit card numbers, typically used apps – all this info is transferred to the command server.
Of course, this method is not a single in use. Cybercriminals can also make use of social engineering1, phishing, or different other ways to get control of the account. You can read more information about them here. When we are talking about recovering access to the account, spyware-related credentials theft is much easier to recover. Such attacks are committed massively, so the cybercriminals do not change their passwords. At the same time, a successful phishing or social engineering attempt usually ends with setting a different password for a stolen account.
- Detailed explanation of social engineering phenomenon on Wikipedia