New Facebook Scam Targets 'Fan Check' Application

New twist on old social engineering tactic as hackers lure Facebook users to malware-infected sites -- all in the name of security

While incidents of identity theft, phishing attacks and other schemes that take place on Facebook have been well documented (See: Five Facebook, Twitter Scams to Avoid and 5 More Facebook, Twitter Scams to Avoid), it turns out the latest scam simply uses the popular social networking site as a scapegoat while leading users to outside malicious sites. Last week, rumors swirled around Facebook that a new application known as "Fan Check" was infecting users with a virus. The story spread as many users updated their status to read: "The FAN CHECK Application is a VIRUS that takes 48 hours to kick in. Even if you are tagged in a photo the virus still attacks you. Please inform all you friends and remove/delete the applications ASAP. Copy and paste this as your status so word gets around quickly."

However, according to several security firms, including U.K.-based Sophos, it's not the Fan Check application that is the problem, it's the so-called "removal kits" that are being hocked by hackers that are the real danger. As rumor of the alleged Fan Check virus made the rounds, the term skyrocketed in popularity on Google and other search engines. As Sophos' Graham Cluley blogs, hackers have set up several malicious sites that prompt users to purchase fake anti-virus software. The sites, which users get to through their search engines results, "display bogus warnings about the security of your computer in an attempt to get you to install fraudulent software and cough-up your credit card details," according to Cluley.

The developers of the Fan Check application have already posted details about the rumors and are refuting the virus claims on the discussions page hosted on the Fan Check Facebook page. In a post from the developers, they assure users the bug does not exist and that Fan Check is a legitimate application that allows Facebook members to rank friends based on how often they interact with a user's Facebook wall. Fan Check claimed to have 2,762,455 fans on Monday afternoon.

Copyright © 2009 IDG Communications, Inc.

The 10 most powerful cybersecurity companies