WARNING: Facebook Coca-Cola Scam Spreading Fast


Viral videos are usually a great laugh, which is why they spread so quickly and the reason they get called viral in the first place. But the laughter soon stops when the bad guys use the lure of a viral video to launch a clickjacking attack.

Security researchers at Sophos are warning that scammers have struck on Facebook with a fast-spreading message that proclaims "I am part of the 98.0% of people that are NEVER gonna drink Coca Cola again after this HORRIFIC video" and includes a link.

What makes this particular attack stand out from recent clickjacking exploits is that the bad guys ensure people will pass the message on to their Facebook friends by telling them that, in order to actually view the video, they have to share it with at least seven members.

Of course, it doesn't actually matter how many times that link is shared because there is no video to play. It looks like there is, with a thumbnail of a video showing a Cola bottle and the words 'Coke can't hide its CRIMES', but it's just a thumbnail and nothing more. The social engineering comes into play with a link that says "Click here To Skip Posting and Reveal The Content", offered as an alternative to continually checking whether you've passed the link to enough people. If you hit this link, you get taken to a survey section which harvests personal information.

"With this Coca Cola scam, users are actively sharing the post numerous times and then they're volunteering personal information - all because the temptation to see a video is too much to resist," says Graham Cluley, the senior technology consultant at Sophos, adding, "the users who try and watch this video have no way of knowing how their personal information may be used - the only people who will benefit are the scammers behind the attack".

As usual, if you have already fallen for this particular scam then you are advised to go to your profile and click on the info tab from where you can remove the scammer pages from the 'likes and interests' section.

Davey Winder

I've been a freelance word punk for more than two decades and for the last few years an Editorial Fellow at Dennis Publishing. Along the way I have been honoured with a Technology Journalist of the Year award, and three Information Security Journalist of the Year awards. Most humbling, though, was the Enigma Award for 'lifetime contribution to IT security journalism' bestowed on me in 2011. As well as working for DaniWeb I have been a Contributing Editor with PC Pro (the best selling IT magazine in the UK) for twenty years.
