The world’s worst McDonald’s customer? Beware rogue Facebook app spreading rapidly

Thousands of Facebook users are spreading a message to their online friends, urging them to see a “shocking video” that claims to be of the world’s worst McDonald’s customer.

McDonald's rogue Facebook application

The messages read:

OMG the worlds worst mcdonalds customer (shocking video must see)

Sign up to our free newsletter.
Security news, advice, and tips.

followed by a bit.ly link.

Clicking on the link takes you to a Facebook application called “Worst McD’s Customer”, which asks permission to post to your wall, access your data at any time, access your contact information and your list of friends, amongst other things.

McDonalds rogue Facebook application asks for permission

If you’re sensible you’ll pull out at this point, and not grant the application permission to access your data. But sadly plenty of people are keen to see the “shocking video” and will hand over control to the rogue Facebook app – which promptly posts the link as a status update to your Facebook wall – thus perpetuating the cycle.

If you were foolhardy enough to fall for this trick, remove the references to the link from your newsfeed, clear your status message, and ensure that the application’s right to access your account is revoked.

McDonald's rogue Facebook application

Just imagine what cybercriminals could do if they had access to your profile..

We’ve contacted Facebook and bit.ly asking them to shut down the application and the shortened link respectively – but it’s almost certain that it will pop up again before too long with a slightly different name.

Here’s a quick YouTube video where I show you how to clean-up your Facebook account from such an attack:

[youtube=http://www.youtube.com/watch?v=Or-qR0Y300w&w=500&h=311&rel=0]

If you’re on Facebook you should join the Sophos Facebook page to stay up-to-date with the latest security news.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.