Facebook Black Scam Spreading Quickly, Symantec Warns
The attack is using Amazon's S3 cloud storage service to host the campaign, according to Symantec, which warned about the attack Wednesday. Users are tagged with a picture that links to an external website that attempts to get users to install a Chrome browser extension to experience the phony service.
[Related: 5 Costly Hacker Attacks Plaguing Enterprises ]
"Ultimately, users that install this Facebook extension will be presented with a set of survey scams, which is how the scammers monetize these types of campaigns," wrote Symantec threat researcher Satnam Narang. "Google has already removed several of these Chrome extensions and continues to improve their automated detections for malicious extensions."
Social networking threats have become fairly commonplace, with human security teams and automated processes in place at Google, Facebook and Twitter to detect and contain suspicious behavior before it becomes a serious problem. Facebook's popularity and long-term success have made it the primary target of many scams, which typically use links to phony videos, articles and websites. Security experts say users of social networks have a greater trust in links and messages shared on social networks, often freely clicking on links shared by others.
The good news is that social networks do not typically harbor malware, according to a report issued in February by Palo Alto Networks. Instead, scammers host attacks by exploiting flaws in custom Web applications, according to the Santa Clara, Calif.-based networking security vendor, which analyzed malicious traffic in 2012.
The social network taking up the most bandwidth was Facebook, followed by Tumblr, Pinterest, MySpace and Google. Merely blocking access to social networks does little to improve an organization's security posture, the firm said.
PUBLISHED MARCH 20, 2013