Would you download and install a plugin from an unknown source?
Cybercriminals have launched a new spam campaign on Facebook that’s offering users a $100 Applebee’s gift card – and all you have to do is download their browser plug-in.
Of course, that browser plug-in won’t hand over any complimentary Applebee’s gift cards like the offer states. No, instead it will flood all of your Facebook friends with spam messages linking them to the same bogus offer – along with an assortment of other scam offerings.
Here’s the spam message that you will need to watch out for:
This week only! $100 Applebee’s Gift Card Giveaway!
Visit our site to get a complimentary $100 gift card and enjoy your favourites at any Applebees in the country. Have a great start to the new year!
Another variant reads:
WOW I cant believe that you can get it so fast!
Get your free $100 Applebee’s Gift card now
A laundry list of domains are being used and they appear to change frequently, but the ones mostly shared are “www.applebeesXXXXX.com”, with the the X’s referring to a random combination of numbers.
Once you click the advertised link, you will be taken to a spoofed site intended to make you think that you’re viewing the offer on Facebook.
Pressing ‘Click Here to Begin’ will initiate the download of the rogue browser extension, which Firefox will prompt you to either Allow or Deny.
Unless you’ve always had some odd desire to become a spammer or you intend on pissing off your entire friends list, it’s strongly advised that you do not install this plug-in. You will NOT get a $100 Applebee's gift card.
Instead, whenever you see messages related to the $100 Applebees gift card offer, you are urged to do the following:
- Mark the wall posts advertising this offer as spam by clicking the ‘x’ at the top right corner of the message.
- Warn your family & friends to steer clear of this special offer and avoid downloading any browser plug-ins from untrusted sources.
If you’ve already fallen for the scam, it would be in your best interest to delete any messages posted by the malicious browser plug-in and remove the troublesome browser plug-in. Instructions on how to remove plug-ins for Firefox and Chrome can be seen here.
Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.