Facebook users in India are being targeted by hackers to gain more likes and followers on the social network. According to Symantec security experts, the new scam is a variation of a method called self-XSS (self cross site scripting), which helps trick users into copying and pasting code into their browser’s console that could perform various actions on their behalf. Researchers reveal a post went viral on Facebook from a particular page showing a purported video tutorial on “Facebook Hacking” with a disclaimer saying – it is meant for educational purposes only. The post redirects to a document hosted on Google Drive, which feature some code, which supposedly allows users to reveal their friends’ Facebook passwords. The instructions ask users to disclose their friends’ Facebook passwords. The instructions attempt to convince the user to paste the code into their browser console window and asks them to wait two hours before the hack will supposedly work. This thing is quite irritating and it just helps the page owner to generate more likes and comments on their facebook page. And now, Symantec is ready to tail those people who are after such spamming act. And India is one of the most developing platforms for hackers and spammers as people in India believes in miracles, rather than reality and put themselves into security threat.
“What really happens when you paste this code into your browser console window is that a series of actions are performed using your Facebook account without your knowledge. Behind the scenes, your account is used to follow lists and users, and give likes to pages in order to inflate the follower and like counts defined by the scammers,” explains Symantec in a detailed blog post.
Symantec reveals this type of scam was first circulated in 2011, while the current variation has been around since early 2014. Scammers manage to gain massive success with this scam earlier this year with gaining 50,000 to 100,000 likes and followers on a number of pages and profiles.
“For this campaign, the individuals responsible are based in India. They have modified the original authors’ code by simply adding their own pages and profiles into the script to increase their follower and like counts,” adds the blog.
And for the last few days, I’m also getting tagged in many such posts in that page responsible for such act. Many of my friends got fooled by this trick. But even after I explained the reason, people continued to do the same. I just can say that it can be quite irritating and there are no such ways to hack facebook with the XSS and a few clicks, here are some of the reactions of the people after they spammed many people after they did what the page said. And I’m just trying to make people aware of this, but ‘who cares’??