People, there is a new attack site or link (originated from Facebook) with the following pattern (emphasize on point 3 below, posing as Flash or other Plugin installer):
- It is posted on your friend feed because one or more of your friend's PC was attacked. (BTW, it may appear on your wall, even if you didn't click - in case the compromised friend of yours has the access to post on your wall. This normally happens through tagging. When the virus posts on your friend's wall, it may also tag you. So it will appear on your wall too. So if you fear that one or some of your friends FB account is compromised, then temporarily disallow him/them to post on your wall from Facebook privacy setting)
- Once you click the link, if you're logged-in on Facebook, it will post the same crap from your profile.
- You are logged in or not, in either case, it will try to play a video after that, and after a few seconds, it will say
"Plug-in not installed, click to install plugin" - or something similar.
It looks something similar, when your browser doesn't have Flash player installed.
- When you click this, it'll download and try to install an exe file which is actually some sort of Trojan | virus.
Please don't fall into their trap, this will compromise the security of your computer & may potentially compromise security of your friends' & colleges' computer. So, don't click on crappy link | image | video on Facebook and be safe. If any link asks you to install a plugin, make sure it's from a valid & secure source. For example: Always install Flash player directly from adobe.com
I've made a habit of myself in tracking and reporting these types of spams & viruses.
However, you may or may not have the sufficient technical expertise for this. So if you are doubtful about a link, posted on your Facebook wall or Friend's feed, contact an expert you know to test the link's validity.
If you have to check for yourself, don't click, follow the instructions below:
- Right click on the link or video or image.
- From browser context menu, select COPY LINK. (depending on the browser you are using, the context menu may be a little different, but you'll know when you see it)
- Paste the link to a different browser. Of course first make sure you or someone else is not logged-in on Facebook from that browser. Just visit Facebook home page to make sure. Only then visit the concerned link.
BTW, there is an easy way to see if some video | photo | link is a valid Facebook video | photo | link (not applicable for mobile browser). Just take your mouse pointer over the video | photo | link after the page is completely loaded, and look at your browser's status bar. (If you have no idea what a status bar is, look at the bottom left corner of your browser).
If the link is something like:
Then, most likely it is OK (with one exception though: If it takes you to a Facebook application page, and that application is asking permission for full access to your Facebook account, then you should be concerned about it)
If your status bar shows a link other than Facebook, (even though it is presenting itself as a Facebook video or photo) then avoid it. However, if the external site's link is something familiar, like YouTube, Google, BBC, CNN etc. then no problem. But make sure, it is a familiar site and not a trap.
For example, This is a YouTube link example:
But, this is not (TRAP!!!):
Be careful and be safe & secure 🙂
8 thoughts on “Facebook Spam | Trojan | Virus - posing as plugin installer”
I love your blog.. very nice colors & theme.
Did you make this website yourself or did you hire someone to doo it for you?
Plz answer back as I'm looking to construct my own blog and would like tto
know where u got this from. thanks
Did it myself, thanks.
It's a modified version of WordPress 2014 Theme.
Terrific post but I was wanting to know if you could write
a litte more on this subject? I'd be very grateful if you could elaborate a little bit more. Kudos!
Cool information about facebook virus attacks! I've noticed many times that videos are posted on my wall from my friends and when I ask them about video they said NO I didn't post any video 🙁 Anyways Thanks for informing us to stay safe from these kind of videos or links. One thing more I want to add in this post please Install Norton app for scan your wall on daily basis. I'm using it and its very important if you want to stay safe. As you said temporary disallow your friends who are posting videos/links.
just make a system restore.. or run msconfig then uncheck those virus on startup tab..coz most viruses are running on startup method.. or much better to look for the directory of that virus then delete the file..=)
suppose anyone has downloaded that player plugin...which is virus .exe file..... then how to delete it frm computer???
Well, I suppose there is no simple answer for this question. Since, each case of virus .exe will be different from others.
Your best action is to Google with the specific file name for that virus .exe file and look for particular solution for that virus & then scan the entire computer with a good anti-virus software.
Reinforces the knowledge that one should always download these things from the source......Good information......Thank You!!!