Tweens taken for a ride by Twilight trick

David Swan
Wednesday, 13 April 2011 14:23

Your IT - Home IT

Teenage Facebook users are falling victim to a scam related to hit film Twilight: Breaking Dawn, with their accounts being compromised and then sending the scam onto their friends.

The scam was first uncovered in a Sophos blog post, which revealed the insecure link on Facebook, which reads "Play Twilight: Breaking Dawn. Be the first of your friends to play the awesome new Twilight game on Facebook!".

Sounds legit, right? When clicked, the link brings the user (most likely to be an unsuspecting teenager, given the film's fanbase) to what appears to be an official Facebook page with a "play now" button that when clicked "likes" the link without the user's knowledge and then and spreads it on a the Facebook accounts of the user's friends.

Sophos also said in its blog post that a dialog box appears after a user has "liked" the link, asking for permission for a third-party application to access the victim's Facebook account to post messages and photos. Following this, the victim is asked to fill out a survey to "verify" their account. The scammer makes money off every survey completed.

A spokesperson for the ubiquitous social networking website released a statement that said: "We are currently tracking this scam and are working to shut down the spammy vectors + remediate any users who have been affected."

It's unclear at this stage how many unsuspecting users have been affected, however the page itself is still active at time of writing, which is a cause for concern.

Sophos lists its best security practices for Facebook here. The first part of the film itself is set to be released November 18, 2011.