What’s wrong with Facebook blue, anyway? The promise of changing the colors of users’ Facebook profiles is once again being used to bait victims of the scam into installing malware, according to Cheetah Mobile.
Victims who click to install the Facebook Color Changer application are actually rerouted to a phishing site, and Cheetah Mobile described what happens next:
The phishing site has two ways or attacking consumers. The first is stealing the users’ Facebook access tokens by asking them to view a color changer tutorial video. At this point, the hackers gain temporary access to these tokens, which allows them to connect with the user’s Facebook friends.
If a user doesn’t view this video, it then tries a new way to spread the malicious software, by getting consumers to download a malicious application. If a user is on a PC, the site leads them to download a pornography video player. If the user is on an Android device, it issues a warning saying that the device has been infected and advises users to “download now” a suggested app.
Cheetah Mobile advised victims of the Facebook Color Changer scam to immediately change their passwords and uninstall the app via app settings.
Readers: Have you seen any Facebook Color Changer posts in your News Feeds?