Scammers Use New Trick to Mimic Legit Facebook Links

[Peaches]

Scammers Use New Trick to Mimic Legit Facebook Links

By Lucian Constantin

Scammers are managing to wreck havoc on Facebook by using a new trick to make malicious links appear as if they are part of the website's normal user interface.

One scam spotted by security researchers from Sophos preys on people's fears and asks them to verify their account in order to prevent receiving spam in the future.

"Please do your part in PREVENTING SPAM by VERIFYING YOUR ACCOUNT. Click VERIFY MY ACCOUNT right next to the comment below to begin the verification process," the spam message reads.

Under the message, where the "Like", "Comment" and "Share" links are usually located, there's a link reading "==VERIFY MY ACCOUNT==" using the same styling as the legit ones. Clicking on it executes code from an external domain which causes users to automatically repost the message on their walls.

"Assume that messages which ask you to verify your account by clicking on a link are false. You wouldn't (I hope) click on links in emails which claimed to come from your bank trying to panic you about your account.

More details here: http://news.softpedia.com/news/Scammers-Use-New-Trick-to-Mimic-Legit-Facebook-Links-200131.shtml