|
|
Sounds legit, right? When clicked, the link brings the user (most likely to be an unsuspecting teenager, given the film's fanbase) to what appears to be an official Facebook page with a "play now" button that when clicked "likes" the link without the user's knowledge and then and spreads it on a the Facebook accounts of the user's friends.
Sophos also said in its blog post that a dialog box appears after a user has "liked" the link, asking for permission for a third-party application to access the victim's Facebook account to post messages and photos. Following this, the victim is asked to fill out a survey to "verify" their account. The scammer makes money off every survey completed.
A spokesperson for the ubiquitous social networking website released a statement that said: "We are currently tracking this scam and are working to shut down the spammy vectors + remediate any users who have been affected."
It's unclear at this stage how many unsuspecting users have been affected, however the page itself is still active at time of writing, which is a cause for concern.
Sophos lists its best security practices for Facebook here. The first part of the film itself is set to be released November 18, 2011.
