If you see a post on Facebook claiming that the United States has attacked Iran and Saudi Arabia, don’t click on it.
U.S. Attacks Iran and Saudia Arabia. F#ck [http://randomdomain.co.uk/cnn/] The Begin of World War 3?
Cybercriminals are hoping that users won’t be able to resist the headline, follow the link to a spoofed CNN site – all of which appear to be on UK domains – and fall for the old “you need to download a Flash update” routine.
While Sophos doesn’t have a solid idea on just how the malicious messages are being spread, they suspect that malware residing on user machines is the culprit.
In addition to users taking the precautionary route of doing a full system scan using whatever antivirus software they use, I suggest checking for rogue browser plug-ins that may have inadvertently been installed at some point and reviewing the list of applications that have access to your Facebook profile.
You can check to see what apps have access to your Facebook profile by clicking the little arrow icon, selecting ‘Account Settings’ and then clicking ‘App’ in the left-hand navigation.