Videos offers claiming to reveal a popular Hollywood movie star supposedly being exploited by revelation of their bare flesh is an old scam that has become new all over again. Hackers have now leveraged the popularity of Harry Potter star Emma Watson in a Facebook scam that advertises her in a raunchy video but actually leads to the installation of an app called VideoLeak.
This scam initiates with a message posted on Facebook claiming that a video of Emma Watson naked has leaked as demonstrated in Figure 1 below. Naturally, Facebook users who have nothing better to do gravitate to this post containing a link. Clicking on the link takes the user to a page where they are asked to click a 'Like' button (automatically sharing the link on their own Facebook page) and then instructed install the VideoLeak app to supposedly watch the video.
VideoLeak is an app, once installed, starts posting all types of random messages via Facebook to lure in other potential victims of this scam. After that, the victim is redirected to a survey site to conduct various surveys, which will in turn generate money for the hackers who crafted this scam.
Figure 1. Example of VideoLeak app sharing a link requesting permission to make posts on your behalf on Facebook – Source: grahamcluley.com
The deployment of many anti-scam mechanisms has been a goal for Facebook for a long time now. Researchers believe these anti-scam mechanisms do not do enough to be proactive with scammy posts.
There is an apparent influx of scammy posts with attacks aimed at anyone who clicks on the wrong thing on Facebook. Facebook is aware of these issues, but so far there defense measures put in place are just not enough to put an end to these problems. For now, the best defense against these scams is to stay educated and in-the-know of the latest and greatest scam.
It is best to remember to delete all questionable posts published on your timeline before your friends click on a potentially malicious link. Additionally, be sure to revoke access of any questionably app used on Facebook. Such an app could be the gateway to spreading malicious links to your Facebook friends.