Facebook users are receiving fake notifications of being tagged in a friend’s post leading them to a malicious site.
Who Is It Targeting: Facebook users
What Is It: In this scam, the individual receives a notification on Facebook that a friend has tagged them in a video post. The video post uses the victim’s profile pic as its thumbnail so the victim is more likely to click on it. After clicking on the post, the victim is led to a malicious site posing as Facebook but with a different domain. From there, the victim is redirected to another domain that prompts them to install a chrome extension called, “Ozuji” in order to view the video. If the victim proceeds with the install, the fake extension can then read their browser history and change their data including financial details or Facebook login credentials. The app takes control of their Facebook account and continues to spread the malware by tagging their friends.
What Are They After: Personal information, account information
Anyone can be a victim of identity theft, anyone can use our services and anyone can help us help others. If you found this information useful, please consider donating to the Identity Theft Resource Center to help us keep our services free to the public.
For full details of this scam check out this article from Hackread.