‘Change Your Facebook Color’ Scam Tricks Users into Downloading Malicious Chrome Extension

Facebook RedCybercriminals are doing all they can to take advantage of Facebook users that [for whatever reason] want to change the site’s theme color.

Dozens of internet scams have popped up in the past, promising to give Facebook users the ability to change Facebook’s signature blue to another color, such as pink or black. Most of these offers turned out to be nothing more than a survey scam, but there were some that were just a way for the scammer to take over the victim’s Facebook account.

The goal of the latest version of the Facebook color-changing scam, however, is to get users to download a malicious Chrome extension.

Potential victims are first exposed to this scam after receiving a Facebook event advertising a Tumblr page, titled ‘My Friends Can Change The Facebook Color’ that will redirect them to another site offering the rogue Chrome extension.

Screenshot Credits: Webroot

Once installed on the victim’s browser, the extension runs a script that will keep the scam going by:

  • creating a new Tumblr page that redirects to the page promoting the Chrome extension
  • creating a new Facebook event promoting the offer & directing users to the freshly-created Tumblr page
  • inviting all of the victim’s friends to the event

As Webroot researchers have pointed out, the real danger lies within the fact that the rogue Chrome extension will have access to all of your data on all websites along with access to your tabs and browsing history.  That’s a lot of information you don’t want in the hands of a scammer.

Honestly, changing the Facebook website colors isn’t important enough to risk having sensitive information stolen – or having your account taken over by an attacker (if that’s the goal of the scam).

Did You Fall for this Scam?

If you’ve already fell for this scam, it is recommended that you:

  • Delete the Facebook event.
  • Remove the Chrome extension from your browser
    • Click the Chrome ‘Menu’ button
    • Select Tools
    • Select Extensions
    • Click the Trash icon next to the extension
    • Click ‘Remove’ in the confirmation dialog
  • Warn your Facebook friends about this scam & advise fellow victims to follow these same steps.

Make sure you steer clear of any offers to change Facebook theme colors in the future!

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+

This entry was posted in Computer Security, internet scam, malware, phishing, scam, social engineering, spam, technology and tagged , , , , .
Follow any comments here with the RSS feed for this post. Trackbacks are closed, but you can post a comment.

© 2014 Hyphenet, Inc.
1761 Hotel Circle S, Suite 350, San Diego, CA 92108

All rights reserved. Reproduction in whole or in part in any form or medium without express written permission is prohibited.

Hyphenet IT Security Blog located at 1761 Hotel Circle South, Suite 350 , San Diego, CA . Reviewed by 91 customers rated: 3.8 / 5