Facebook scammers punt fake 'sexy vid' of Emma Watson
Malware-flinging 'Guy Fawkes' YouTuber lurks behind
Scammers are taking advantage of Emma Watson’s growing popularity by using the Harry Potter star as bait to spread malware on Facebook.
The supposed “sexy videos” of the British actress – who has recently stood up against sexism in her new role as Goodwill Ambassador for Women – drop Trojans rather than the promised salacious content. More precisely, the malware poses as a Flash Player update supposedly needed to view the non-existent racy content.
The scam comes just weeks after a nude photo leak threat targeting Watson turned out to be a hoax by an outfit called Rantic Marketing operating through a site called “emmayouarenext.com”. The hoax sought to put pressure of the authorities to clamp down on the notorious 4chan image board, which was used to trade in naked celebrity nudies obtained through the recent iCloud hack against actress Jennifer Lawrence and others.
Romanian antivirus firm Bitdefender warns the dodgy videos offers are no marketing stunt but harbour several harmful Trojans. The malware involved in the scam is designed to snaffle personal data, steal tokens of legitimate apps and hijack Facebook sessions. To make money, the malware writers also subscribe victims to premium SMS scams.
“It all starts with a Facebook comment promising to reveal private or leaked videos of Emma Watson,” explained Catalin Cosoi, chief security strategist at Bitdefender. “The comments are automatically posted by users infected with the malware. As is the case with many Facebook scams, victims end up as marketers for cyber-crooks.”
He added: “When users click on the malicious links, they are redirected to a salacious YouTube copycat. Future victims are then asked to update their Flash Player to the latest secured version of Video Player, as an error allegedly prevents them from watching the leaked videos of Emma Watson."
The fake YouTube account used the Anonymous "Guy Fawkes" mask in a bid to make the leak seem more plausible to the unwitting. Screenshots and more details of the scam can be found in a post on BitDefenders’ Hot For Security blog here. ®