A new exploit is running throu Facebook If you just visited a app link in your friends massage the Travian Virus Script it takes your auto permission to massage your friends. On the button of the App page is a hided feeld with the malicious code in it to auto give them permissions.
How it works
It send a random massage from your account to 20 Friends in regular period with the text like ,auto like the app get all permission to the APP publish stream, read stream, user_online presence, email and offline access
It resend invitation on every visit .
“im sending you a gift thru this because u are my FAV!! lol jk but i did gogogo
see it = http://apps.facebook.com/thela***factory/”
“im using up my fb ad credits to send u a gift so
HERE = http://apps.facebook.com/thela******factory/”
im using up my fb ad credits to send u a gift so HERE
Probably it hold a selection of 10 similar massages all link to a apps.facebook.com/ something
How to Remove
Go to your Apps privacy setting and look for a App called ” laugh factory ” or similar
Remove the App
Inform your Friends about it that the massage is not from you
You can explain them one by one how to remove it again or share these small post .
What will happen if you ignore the massage the Virus App will continue to send massages in your name to your friends to spread and infect more accounts . The Virus app claim extendet rights to send massages in your name to your fiends.
Some security for the future
Important rules if you don’t get fround or maleware thru your facebooking time
- Friends never send Massages with App links, they can simply invite with the Facebook invite as usual.
- Never follow any shorten link on Facebook
- Don’t download Software out side trusted Webpages and sources
Remember the native language your friends use will he send you a privat massage in english ?
Remember what he usually share , do he promoting Apps or funny thumbnail pictures ?
How is spreading these exploit ?
As a personal massage get more often recognised than just a like on your wall it could spread much faster than the previous auto like pages that get stopped by Facebook. Nothing is more worse if you have to setup your computer new. Or even lose your account or friends as Facebook some times disable accounts that spread links like that.
Secondly the App name is using the name of a famous Hollywood brand what could violete some copyright and brand name too.
If you get a massage from a friend like that that you should not follow the link if you don’t what to spam your friends with that advertisement or lose your account.
You can report any link or massage directly to Facebook on the email firstname.lastname@example.org to the Abuse Team to prevent spreading these kind fo scam over your friends account . Pleas share