Facebook Is Not Shutting Down (It’s a Scam)

/ Source: SecurityNewsDaily

Don’t panic: Facebook will not close your account today, despite what that wall post from your friend says.

Researchers at the security firm Sophos report that a social engineering scam is spreading across the site claiming that Facebook CEO Mark Zuckerberg has decided to close down all accounts.

The message offers users a “simple step to keep your account working” — that simple step is to click on a link that promises to verify accounts and ensure they stay up and running.

As with most Facebook scams, the link does not do what it promises, and instead takes victims to a page that requests their personal information. If users continue to follow the scam’s directions, they are then taken to a page called “Facebook active account verification process.”

With a message purporting to be from Zuckerberg, the fake verification page warns users that they have 15 minutes to verify their accounts before they are “deleted without hesitation to create more space.” If users click on the link, they are taken to a survey page that generates revenue for the cybercriminals.

“The message which claims to come from Mark Zuckerberg is bogus, and there is no need to verify your Facebook account to prevent its deletion,” reads a Sophos blog post.

While this scam exists within Facebook only, there are two more strains of malware that, with Facebook as bait, are finding alternate routes of attack.

Researchers at PandaLabs are reporting a similar “reactivation” scam traveling via instant messaging applications such as AIM and Yahoo! The corrupt messages inform recipients that their accounts will be shut down unless they complete a survey. The survey page is infected with a strain of malware called W32.Lolbot.Q.worm.

Upon completion, the rogue survey informs them that they must subscribe to a service in order to reactivate their accounts. Users are even asked to enter their cell phone number, which is then charged $11.60 per week.

The other piece of malware, Asprox.N, is a trojan delivered through e-mail informing users that the login credentials have been changed on their Facebook accounts. To obtain their new passwords, recipients are instructed to open a fake Word attachment that connects to all mail service providers on the victims’ computers and spams the message to as many people as it can. Both W32/Lolbot.Q.worm and Asprox.N only affect Windows users.

These are just three in a long line of social engineering scams that have burned through Facebook. Security experts say that as long as Facebook continues to draw hundreds of millions of daily users, it will undoubtedly be a prime target for cybercrime.