Is that you? Malicious Facebook scam doing the rounds
Social media hoax hijacks Facebook accounts to spreads adware among friends
If you receive a message on Facebook's Messenger from a friend asking you to open a particular video, don't do it – it’s most likely malware.
It’s part of a malware campaign that began last year and tagged by experts at Kaspersky Lab and others such as Hoax Slayer, a website dedicated to unmasking social media scams.
In one version of the scam sent to this writer, you receive a message on Messenger with your image derived from Facebook with the question “Is that you?” followed by your name. The word "video" appears at the bottom of the link. When you click on it, it sends you to a fake YouTube channel page complete with a YouTube logo. If you click on that, you are directed to a website that looks like a Messenger login page, asking for account details before the video can be played. There is no video however; the message is rigged, designed to steal Facebook account login details or trick victims into installing malware. If you receive one of these messages from a Facebook friend, it most likely means that your friend’s account has been hijacked, and their account used to send malicious links.
The malware is basically an adware, and will use your credentials to send you a relentless number of spam adverts.
Facebook users can secure their accounts by enabling two-factor authentication, where they will be asked to enter a special security code or confirm login attempts each time someone tries accessing Facebook from a computer or mobile device that the social network does not recognise.