Over 200,000 Facebook users have fallen prey to a ‘like-farming’ scam promising two free Audi R8 cars, with thousands joining the victim list each hour.
According to Bitdefender, the bait spreads on fraudulent web pages and Audi communities, targeting car lovers with malicious videos depicting an Audi R8 racing against a Nissan GT-R.
The misleading Audi page, at the time of analysis, had gathered almost 180,000 likes and over 210,000 shares. To maximise the scam as quickly as possible, the fraudsters announced a deadline of today (20th November) for the competition.
Bitdefender was already detecting a tricky javascript within the websites hosting the videos as JS:Trojan.JS.Likejack.A. This malicious code is used for clickjacking on hidden commercials.
Victims include those from the UK, Germany, Denmark, the US, Australia, South Africa and Malaysia.
"Like-farming may not seem the worse things scammers can do on Facebook. However, it has repercussions for users and companies’ reputations and can even lead to identity theft," states Catalin Cosoi, Chief Security Strategist at Bitdefender.
"Like-farming Facebook pages use the high number of fans to launch other fraudulent activities such as malware and survey scams to a wide audience. The database of unwary users can also be sold on the black market and used for more targeted attacks."