If you come across any message on Facebook Messenger with a video sent by anyone, even your best friend, do not try to see it.
Security researchers Kaspersky Lab identified a continuing multi-platform malware promotion campaign on Facebook Messenger. Facebook Messenger users get a video link that redirects them to a fake site asking them to install malicious software.
Attackers use social engineering to trick users into clicking on a video link allegedly coming from a Facebook friend with the message "<friend name> Video" followed by a link to bit.ly service as shown.
The URL redirects the victims to a Google doc that displays a dynamically produced thumbnail, such as a playable movie, based on the images provided by the sender, which, if someone clicks, redirects it to another custom page, depending on your browser and operating system.
For example, its users Mozilla Firefox in Windows is redirected to a site that displays a false notification of Flash Player update and then offers a Windows executable file, which is an adware software.
Its users Google Chrome redirected to a YouTube-like site displaying a pop-up message that causes the victims to download a malicious Chrome extension from the Google Web Store.
The extension is in fact a download application that downloads a file of the attacker's choice on the victim's computer.
Apple Mac OS X and Safari users end up on a website similar to that of using Firefox but adapted for MacOS users. It contains a false update to Flash Media Player, and with the click of the user it downloads a .dmg file which is also Adware.
The same is true for Linux users.
Attackers behind the campaign do not pollute the users of all malware platforms, but with adware that gives them ad revenue.
Let's mention once again that curiosity killed the cat. We recommend that you think very well when you see pictures or video links sent by anyone, even your friends. Verify with them and keep your antivirus app up-to-date.