MANILA, Philippines - Users of Facebook are warned to keep it safe this Valentine season - from "clickjacking."
Online security firm Trend Micro recently revealed an online scam on Facebook primarily victimizing users, using Mozilla Firefox and Google Chrome web browsers. The scam shows itself as an ordinary post from an infected account inviting other users to install a Valentine's theme on their Facebook profile.
Clicking on the post will redirect users to another page which will ask to install theme. But what will really be installed is a malicious file FacebookChrome.crx. Trend Micro detects the file as TROJ_FOOKBACE.A and will execute scripts to display ads from certain website.
In addition, it will install an extension Facebook Improvement, Facebook.com, on your browser. The browser is said to monitor the user's browsing activities as well as redirect them to a survey page asking for their mobile number.
If you are using Microsoft's own Internet Explorer (IE) browser and you clicked on the post, you will be directly redirected to the same survey page without asking you to install anything.
The attack, Trend Micro said, is mainly intended for Chrome and Firefox users.
Regardless of what operating system the user is using, anyone using Chrome and Firefox browsers are vulnerable to the attack. Trend Micro said that it hasn't identified how many users are already affected by the malware, but it is not the first of its kind.
The US State Department renewed its warning about the risks of travel to the Philippines, in particular to the Sulu archipelago, certain regions and cities of Mindanao and the southern Sulu Sea area. In an update on Wednesday of a travel warning it issued Nov. 20, 2014, the State Department said US citizens should continue to defer non-essential travel to the Sulu archipelago due to the high threat of kidnapping of international travelers and violence linked to insurgency and terrorism there. …