Facebook users are receiving fake notifications of being tagged in a friend’s post leading them to a malicious site.

Who Is It Targeting: Facebook users

What Is It: In this scam, the individual receives a notification on Facebook that  a friend has tagged them in a video post. The video post uses the victim’s profile pic as its thumbnail so the victim is more likely to click on it. After clicking on the post, the victim is led to a malicious site posing as Facebook but with a different domain. From there, the victim is redirected to another domain that prompts them to install a chrome extension called, “Ozuji” in order to view the video. If the victim proceeds with the install, the fake extension can then read their browser history and change their data including financial details or Facebook login credentials. The app takes  control of their Facebook account and continues to spread the malware by tagging their friends.

What Are They After: Personal information, account information

How Can You Avoid It: If you receive a suspicious notification, your Facebook friend may have fallen victim to this scam. . Anytime a website redirects to another website, there should be a notification. Always review the domain and do not download extensions without understanding the privacy policy of an app. Google has since removed the Ozuji extension, so you should never receive any alerts  of this kind. Beware of other extension like this.

Anyone can be a victim of identity theft, anyone can use our services and anyone can help us help others. If you found this information useful, please consider donating to the Identity Theft Resource Center to help us keep our services free to the public.

For full details of this scam check out this article from Hackread.