omg-girlfriend-170SophosLabs: Scammers are up to their old tricks on Facebook, tricking users into visiting revenue-generating survey scam websites by appearing to offer sex videos.

Using a thumbnail which suggests a link to a sex video, messages posted on compromised Facebook users’ walls attempt to lure their unsuspecting Facebook friends into clicking to see more.

And if the use of a saucy snapshot of a naked man and woman in an intimate pose wasn’t enough, the messages also include a variety of names (obscured in the images below) – presumably these are the names of the afflicted users’ Facebook friends.

omg-girlfriend

[Video] WOW.. watch what Happened to his Ex Girlfriend!!
[LINK]
Omg. I cant believe this actually happened to his Ex-Girlfreind!

Another version reads:

OMG. watch what happened to his Ex-Girlfriend!
[LINK]
[Video] Wow. I cant believe this actually happened to his Ex-Girlfreind!

If you are fooled into clicking on the link, however, you are taken to a third party webpage which claims that you will only be able to view the sex video once you you have installed a DivX plugin.

omg-install

Hopefully regular readers of Naked Security would know better than to click on the link to install the plugin, but if you did it would attempt to install a script into your browser.

divx0

divx1

This script subsequently takes your browser to an all-too-familiar survey webpage – and the more people who complete the survey (presumably the scammers hope that their victims have committed so much effort into viewing the video by now, that they’re unlikely to give up now) the more commission is made.

If you use Facebook and want to receive early warnings about the latest attacks, you should join the Omid’s Network Facebook page.