Posted inSecurity

Facebook colour scam spreads through network

‘Change your Facebook color’ links should be avoided, says Sophos

Facebook colour scam spreads through network
Facebook colour scam spreads through network

A scam saying Facebook users can change their profile pages to have a black, rather than the trademark blue background is spreading widely on the popular social network.

This scam is being spread by images on newsfeeds and by event invitations that appear to be sent by users’ friends.  IT security and data protection firm Sophos today warned users to think twice before clicking on the links, otherwise they could be helping scammers to earn money and spread the scam further.

When Graham Cluley, senior technology consultant at Sophos, investigated this link from a test account, he was bounced through a number of website redirects before ultimately landing on a page titled “Change your Facebook Color”.  This page automatically ticks the box saying that the user accepts the page’s terms and conditions, and tells them that they need to take part in an online survey before they can turn their Facebook profile black.  The scammers will be earning money for the number of respondents they can entice to complete these surveys.

“It’s interesting to see that the scammers behind this particular campaign have clearly dusted off some webpages they used in previous scams, as several point towards past campaigns such as the “Remove Your Facebook Timeline” scam from earlier this year,” said Cluley.

“Unfortunately, many Facebook users will be too excited about the prospect of perhaps changing the look and feel of Facebook that they will not spot suspicious clues.

“If users have mistakenly clicked on links or accepted invitations as part of this scam, they should remove all offending messages, photos and ‘likes’ from their account, check that they’ve not authorised a rogue app to access their account – from where it could steal information or post without asking permission – revoke any rogue app’s publishing rights, and report it as spam to Facebook.”