Ex-girlfriend sex videos, browser plugins and Facebook survey scams

Graham Cluley
Graham Cluley
@[email protected]

Facebook scamScammers are up to their old tricks on Facebook, tricking users into visiting revenue-generating survey scam websites by appearing to offer sex videos.

Using a thumbnail which suggests a link to a sex video, messages posted on compromised Facebook users’ walls attempt to lure their unsuspecting Facebook friends into clicking to see more.

And if the use of a saucy snapshot of a naked man and woman in an intimate pose wasn’t enough, the messages also include a variety of names (obscured in the images below) – presumably these are the names of the afflicted users’ Facebook friends.

Sign up to our free newsletter.
Security news, advice, and tips.

[Video] WOW.. watch what Happened to his Ex Girlfriend!!
Omg. I cant believe this actually happened to his Ex-Girlfreind!

Another version reads:

OMG. watch what happened to his Ex-Girlfriend!
[Video] Wow. I cant believe this actually happened to his Ex-Girlfreind!

If you are fooled into clicking on the link, however, you are taken to a third party webpage which claims that you will only be able to view the sex video once you you have installed a DivX plugin.

Install page

Hopefully regular readers of Naked Security would know better than to click on the link to install the plugin, but if you did it would attempt to install a script into your browser.

Plugin installation

Plugin installation

This script subsequently takes your browser to an all-too-familiar survey webpage – and the more people who complete the survey (presumably the scammers hope that their victims have committed so much effort into viewing the video by now, that they’re unlikely to give up now) the more commission is made.

If you use Facebook and want to receive early warnings about the latest attacks, you should join the Sophos Facebook page where we have a thriving community of over 160,000 people.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.