People are always sharing the latest gossip about their favorite celebrities. Who's getting married? Who's breaking up? Who's been cast for a new role, or is canceling a concert? No matter what shape or size the post comes in, it's always tempting to click for the latest update.
When the post is promising something a bit more scandalous, it's even more tempting. And that's what's happening right now.
Posts are popping up in Facebook News Feeds that promise nude photos or sex tapes of Hollywood's hottest actors. Jessica Alba, Jennifer Lawrence, Selena Gomez, Hilary Duff, Rihanna, Scarlett Johansson, Kim Kardashian, Kelly Brook and Nicki Minaj, just to name a handful.
If you accidentally click on these posts, a PDF file will be opened up that takes you to a fake YouTube page. The page displays what looks like a video with a Play button.
Clicking on the Play button will trigger a pop-up that prompts the user to install a Google Chrome extension, but after installing this extension you'll be directed to another Facebook login page.
Those who think something went wrong might unknowingly enter in their Facebook login credentials to try the process again. But that's where things take an even larger turn for the worse. Entering in your credentials will give this extension access to your information, as well as the people on your Friends list.
Throughout the process, malware is also installed onto your device. This malware creates aggressive spam messages that will drive you crazy! The Chrome extension also includes a list of antivirus and antispam domain names that the software actively blocks, so it may even slip by your antivirus software.
Don't get infected by this scam
Once infected, removing this malware from your device will be a pain. You'll need to delete the extension in Google Chrome, then delete the software from the registry key. It all gets a bit technical, and you may even need to bring in the professionals.
As always, it's best if you can avoid this malware altogether. Here are some steps you can follow so that you won't accidentally infect your smartphone, tablet or computer.
- Be sure to exercise caution before you click on anything. Hover over any links and see where they direct before you click. If the links provided go to a website, don't click it. Navigate to the company's site yourself without the link.
- Take some time and try to spot typos.
- Use the "hover before you click" trick. Hover your mouse over the hyperlink, then look down in the left-hand corner of your screen. You should see the URL of the site you're being directed to. For this particular scam, avoid any URL that looks like this: hxxps://rb-xxxxxx.xxx/gxxxo.php. But, in general, avoid any URL you don't recognize.