Fans of the "Twilight" movies are falling prey to a scam that can end up hijacking their accounts and sending the scam on to unsuspecting friends.
Facebook updates are circulating that look like promotions of a game related to the upcoming teen vampire movie, "Twilight Breaking Dawn," according to this Sophos blog post.
The link leads to what looks like a Facebook page with a "play now" button that, when clicked, surreptitiously "likes" the link and spreads it on a visitor's Facebook account.
It doesn't stop there. A dialog box pops up asking for permission for a third-party application to access the victim's Facebook account to post messages and photos, Sophos said. And then the victim is asked to fill out a survey to "verify" their account. The scammer makes money off every survey completed. (This Sophos video shows how to clean up a computer after being scammed.)
It's unclear how widespread the scam is, as a Facebook spokesman said the company does not comment on the volume of attacks or specific cases. However, he did tell CNET in an e-mail: "We are currently tracking this scam and are working to shut down the spammy vectors + remediate any users who have been affected."
Facebook also offers these tips on its Security page:
Don't click on strange links, even if they're from friends, and notify the person if you see something suspicious.
Don't click on friend requests from unknown parties.
Review your security settings and consider enabling log-in notifications. They're in the drop-down box under Account on the upper right-hand corner of your FB home page.
If you come across a scam, report it so that it can be taken down.
Don't download any applications you aren't certain about.
When using Facebook from places like hotels and airports, text "otp" to 32665 for a one-time password to your account.