The recent introduction of a Facebook video calling partnership with Skype has garnered plenty of attention, but unfortunately, not all of it is good. Scammers looking to generate referral fees through link clicks have introduced a fake Facebook app that can easily trick unsuspecting users.
The app, named Video Calling, spreads itself through infected accounts by spamming the social networking service with links labeled “Enable video calls”. Clicking on the link takes you to the fake Video Calling page, which entices unsuspecting users with a “Get Started” button.
Upon close inspection of the permissions, however, there’s obviously something odd. The bogus app asks for access to your basic information, your wall, your news feed, and data access at any time. Those are some hefty permissions, and they don’t have anything to do with video calls.
Of course, the real service doesn’t install like other Facebook apps but is instead accessed through a particular Facebook page, so those already familiar with the service are unlikely to fall for this façade. Those who have only heard of the feature in passing, however, won’t be as suspicious.
The good news? The payload of this threat isn’t serious. Besides posting referral link spam, there’s little harm done. Still, users should be on alert for threats like this both on Facebook and on Google+, as not every social engineering attack is so mundane.