A malicious virus appears to have cracked the Facebook privacy firewalls and is sending thousands, perhaps hundreds of thousands of personal messages that appear to be from friend-to-friend, suggesting they are appearing in a YouTube video and providing the supposed link to view it. Instead of actually seeing a video, the virus advises viewers they need to download an updated version of Flash, which if followed may install a virus into the user's computer.
The Facebook messages, which innocently appear to come from previously accepted friends, feature subject lines ranging from "Hello" and "Good Morning" to "Is This You?" and "Hi My Friend." The messages ask if the linked video has captured the receiving party in some type of compromising position. Messages include: "Smile! You were recorded by a hidden camera;" "I see you in this attached video. When was it?;" "Your ass looks not bad in this video;" and "Is that you making love?"
While the unauthorized messages began their spamming attack slowly over the weekend, by late Sunday it appears many Facebook subscribers were receiving multiple spam messages from several friends. An effort to track the offending link bore no results, although one response led to a message from Poland-based WMSoft, producer of WMAlias, which is a URL masking and aliasing system.
Return messages reach their intended destination, with parties confirming they played no role – direct or indirect – in sending the original spam invitations. This is among the first real threats to the integrity of the Facebook messaging system, which has become an increasingly prominent communications tool for business executives as well the social network's original student user base.
JackMyers Media Business Report is currently investigating another Facebook scam, which uses fictitious profiles to deceive users into accepting a popular application.