A new Facebook scam has been spotted over the last few days. Unlike previously seen social engineering tricks, this scam only appears after a certain malware enters a system. The malware, known as Citadel, injects itself into a Facebook session when a victim opens a Facebook webpage. It then displays a prompt that asks a user to make a small contribution through his credit card. What works in the favor of the prompt is the message that asks for a donation to a charity for sick and impoverished children.
Since the amount asked for is insubstantial (around $1) a lot of people do not question the credibility of the visible prompt. The prompt then proceeds to ask the victim his name, credit card number, expiration date, CVV and security password. Once all this data has been collected by the attacker, he can misuse it for several purposes.
What makes this Facebook scam unique is that it appears in different languages, depending upon the location of the victim. There are different versions of the text that are slightly modified to add a regional touch and a seeming credibility to the scam. So far the scam has been spotted in the following languages:
Quick Heal advises its users to not fall for this scam. A charity organization will never ask for a donation through a social network. Moreover, if an application requires credit card details it will ask for the same from its official Facebook page, not through a prompt or pop-up window. If such a prompt appears it is also recommended to run a full system scan with the best Internet security software to get rid of this malware.
Users should refrain from divulging credit card details over Facebook as attackers have devised several methods to abuse this information. We will keep our readers updated on this scam so watch this space for more!
i am unable to connect to only one site i..e facebook.i do not undrstand why i am unable to connect to facebook can u please suggest me the reason
This might be a problem from your ISPs side. We request you to contact them for further details. If your problem persists and is related to your Quick Heal product, you can submit a ticket by visiting this link – https://www.quickheal.com/supp_tic.asp.
These thugs use fb for this purpose n those fb official harass n block innocent ppl
someone must alert them first
Thanks quickheal for keping us updated, can not you post this on FB or shall we copy this post and post this on FB
The Facebook security team is aware of this threat.
if the facebook is already aware of that, then they should do something for that(i mean that they should block that). And Thanks For awareing us about that.
thanx a lot quickheal for this necessary information……
You’re welcome Praveen.
Thank you quick heal. Internet security 2012 product is awesomely awesome. keep updating the latest news always. Love to be a part of the quick heal family…
It’s our pleasure to have a satisfied customer like you.
facebook chatting is spoiling culture, thanks to quick heal family to giving the awarness of updated news
Thanks rahul for updating us with one more new scam.
hey quick heal can you send me your latest product of anti-virus i.e. quick heal 2012 please & thanks for keeping us update
Thanks for your interest in our products. Visit this link for more detailed information – https://www.quickheal.com/products.asp.