Fake Browser Plug-in—A New Vehicle for Scammers:

Security researchers from Symantec have spotted a fake browser plugin-in currently circulating in the wild.

 How the infection takes place:

Once the end users are tricked into installing the fake YouTube themed browser extension, their User-Agent info is retrieved and accordingly, the fake plug-in is downloaded. For the time being, only Mozilla Firefox and Google Chrome plug-ins are being used.

The scam is currently circulating, using the [Video] Leakead video of Selena Gomez and Justin Beiber [NEW HOT!!] theme.

This isn’t the first time that scammers are relying on fake browser plugins and extensions as a propagation vehicle for their scams. In December 2011, researchers from WebSense have detected a malicious campaign where the scammers were successfully hijacking Facebook accounts using bogus browser extensions

 Scammers are always looking for different techniques to lure users .

Facebook users are advised to be extra vigilant when interacting with content shared on the most popular social networking site.

Additional Facebook Security Tips:

• Review your security settings and consider enabling login notifications. They’re in the drop-down box under Account on the upper, right-hand corner of your Facebook home page.
• Don’t click on strange links, even if they’re from friends, and notify the person if you see something suspicious.
• Don’t click on friend requests from unknown parties.
• If you come across a scam, report it so that it can be taken down.
• Don’t download any applications you aren’t certain about.
• For using Facebook from places like hotels and airports, text “otp” to 32665 for a one-time password to your account.
• Visit Facebook’s security page, and read the items “Take Action” and “Threats.”

source: symantec,zdnet