The IT security vendor is advising Facebook users to avoid offers to download an “official dislike button”, which the firm claims has spread virally across the service. Sophos has identified two different versions of the ruse thus far, both with tiny URL links to rogue applications.
According to Graham Cluley, a senior technolgy consutant for Sophos, this rogue Facebook application capitalizes on a feature that many account holders have been advocating for.
“If you do give the app permission to run, it silently updates your Facebook status to promote the link that tricked you in the first place, thus spreading the message virally to your Facebook friends and online contacts”, Cluley wrote in his security blog.
“But you still haven't at this point been given a ‘Dislike’ Facebook button, and the rogue application requires you to complete an online survey (which makes money for the scammers) before ultimately pointing you to a Firefox browser add-on for a Facebook dislike button developed by FaceMod”, Cluley warned.
Cluley went on to say that Sophos has no indication that FaceMod is participating in the scam, adding that its legitimate application is simply being used as a lure.
He also implored Facebook users to be wary of so-called recommendations from a friend, as they carry the potential to be unwanted rouge apps, even though they masquerade as being promoted from a trusted source.