What’s the latest Facebook Messenger scam?

We’re talking about a malicious message people are receiving through Facebook Messenger. The message appears to have been sent by someone in the victim’s contact list. Most likely the sender’s account has been hacked and their credentials have been stolen.

The message reads, “David Video.” It also contains a link that supposedly leads to a video.

Warning! Do NOT click the link if you receive this message, it’s malicious.

Researchers at SecureList discovered the link doesn’t play a video, instead, it leads to a Google doc. The landing page contains what appears to be a video with a play button. If you click the play button, your gadget will be infected with malware/adware.

The scammer then gathers data about the victim’s gadget, such as which browser and operating system they’re using. This information determines which malicious website they are redirected to.

When a victim is using Google Chrome, they’re redirected to a spoofed YouTube site. A fraudulent error message pops up, tricking the user to download a malicious Chrome extension. The extension infects your gadget with adware, forcing it to click multiple ads behind the scenes, which lines the scammer’s pockets.

If you’re using Firefox or Safari, the end results are similar. You’ll be shown a fake update for Flash Media Player required to watch the video. This also installs adware onto the victim’s gadget.

The criminals behind the scam could change the payload at any time in the future as well. Instead of infecting your gadget with adware they could infect it with a different type of malware or ransomware.

What you need to do

  • Do NOT click on the link – Now that you know what to look for, do not click on the link if you receive this message.
  • Warn your friends – If you receive this message, more than likely your friend has been hacked. Let all your friends know immediately so they can warn others not to click on the malicious link.
  • Deny Chrome Extension – If you click a link within an unsolicited message and the landing page asks you to install an extension, don’t. Immediately exit out of the page and delete the message.
  • Have strong security software on your gadgets – This is the best way to protect against digital threats.