RITIKA SHARMA / Emirates Business
UAE Facebook users, beware — the next link you follow on your account, might lead you to a malware that will steal your confidential details or corrupt your entire system.
Of late, UAE-based IT companies have detected a spam-based campaign, running on the social networking sites, that is spreading malicious browser plugin via social engineering techniques. IT experts are warning users, especially corporates, to be cautious and not follow such suspicious links on social networking sites.
One such spam, also known as scam, has been detected by ESET, the IT security company with a major presence in the UAE region. According to the analysis conducted on the scam, ESET found out that the attack starts by luring a Facebook user into playing a video, most often titled ‘My first video’, ‘My video’ or ‘Private video’.
“After clicking on the link, the victim is directed to a fake YouTube website where, instead of downloading and playing the video, user is requested to install an additional extension: Sorry, if you don’t install Video Play plugin, you will not be able to watch the video!,“ Mohamed Djenane, Security Specialist — ESET Middle East, told Emirates Business.
At the beginning of April 2016, ESET systems detected this threat more than 10,000 times in dozens of countries around the world including UAE.
“If the victim installs the malicious plug-in, his/her browser becomes infected and carries the infiltration further. His/her Facebook wall becomes flooded with fake video posts tagging multiple friends from their friends list and subsequently, all online friends will receive an identical message via messenger with the same harmful contents,“ he added.
Talking about the frequency of such attacks in UAE, Djenane explained, “There’s no available information at the moment to reflect exactly the frequency and scale of this scam within UAE. The scam spreads malicious code and infects Facebook users in US, Canada, Australia, UK, New Zealand, Russia, Slovakia, Czech Republic, Germany, Switzerland, Poland, India, Dubai, Singapore, Norway, Greece, Hungary, Philippines, Argentina and many other
regions.â€
Defying the common belief that links high smartphone penetration to such scams, he said, “Smartphones penetration is not the only factor limited to this type of scam. High smartphone penetration doesn’t necessarily indicate high number of such scams. This scam is utilising Facebook as a platform to target potential victims. In general, smartphones penetration can vary from threats against smartphones apps, such as malicious apps stealing your data or remotely controlling your phone or threats against smartphones’ software bugs. “
This can range from built-in browsers, apps and Kernels bugs. Additional threats could also be social engineering and jail-breaking.â€