by David Michmerhuizen – Security Researcher
Facebook survey scams continue to mutate, and the latest development is pretty sneaky. Scammers have designed an offsite page that displays a very convincing, but entirely fake, YouTube CAPTCHA screen. Similar to the fake video pages we've written about before, this fake CAPTCHA page uses the Facebook OpenGraph API to spread to your friends' walls and then serves up several survey links.
It starts with something unremarkable, a video link on a friend's wall:
The “Dad walks in on daughter” lure is very familiar to those of us who monitor Facebook scams on a daily basis. In previous incarnations it led to a fake video preview page. Today it leads instead to this:
which looks enough like a real CAPTCHA to fool many people. Pressing the “submit” button executes code that posts the malicious video link to all of your friends' walls. Once that is done, the user is sent on to some scammy surveys:
Barracuda Networks recommends users take particular care when on Facebook. If friends post links, make sure you trust the destination domain before following the link. Barracuda Web Filters also allow the selective blocking of Facebook within the organization.