The downside of popularity is that cybercriminals tend to abuse it for their own nefarious ends. Case in point: social networking sites have often been used to spread malware. Just recently, we spotted a Facebook clickjacking attack that abuses Instagram to point users to malicious websites.
Users encounter this threat by being tagged in a photo posted by one of their contacts on Facebook. The post states that users can know who visited their profile on Facebook and how often. It also includes a photo posted via Instagram.
We noticed that the photo and the names used in the “Recent Profile Views” (see below) are used repeatedly for other attacks.
Should users decide to click the link, they are led to a page with instructions on how to generate the verification code. Once done, a pop-up window appears, which is actually the Instagram for Facebook app asking users to click the “Go to App” button. Clicking it redirects users to a page that looks like the Facebook Home page.