A hoax is spreading like wildfire on Facebook, claiming that hackers are posting pornographic movies on users' walls which are invisible to the owners of the wall but are visible to friends and family.
You can imagine how that would be pretty embarrassing if it were true. Fortunately, it's nonsense.
Here's what a typical message looks like, spread by a Facebook user who thinks they are warning their friends - but really perpetuating the hoax.
ATTENTION FRIENDS! HACKERS ARE DOING DAMAGE AGAIN ON FACEBOOK! PORNOGRAPHIC MOVIES ARE BEING POSTED ON OUR BEHALF ON THE WALLS OF OUR PROFILES! WE DO NOT SEE THEM, BUT OTHER PEOPLE DO, AS IF IT WERE OUR PUBLICATION! SOMETIME EVEN OUR SUPPOSED Comments APPEARS. IF YOU SEE SUCH A THING IN MY HOMEPAGE, ALERT ME AND DO NOT OPEN IT BECAUSE IT IS A VIRUS! ...COPY AND RE POST THIS MESSAGE
Here are a couple of other versions of the message:
THE HACKERS ARE PUTTING SEXUAL VIDEOS TO YOUR NAME IN THE WALLS / PROFILES OF YOUR FRIENDS WITHOUT YOU KNOWING IT. YOU DONT SEE IT, BUT OTHER PEOPLE CAN SEE IT, AS IF THESE WERE A PUBLICATION THAT YOU MADE! ALSO, THEY'RE SENDING INBOX MSGS TO YOUR FRIENDS ASKING YOU TO CLICK A LINK. DON'T DO IT!! SO IF YOU RECEIVE SOMETHING FROM ME ABOUT A VIDEO OR A STRANGE INBOX MESSAGE, IT'S NOT ME!
Hackers are busy on Facebook. They are posting insulting messages on the walls of your friends with your regards without you knowing about it. They are also sending out X-rated pictures. If you receive one of those messages in my name, it isn't from me. I would NEVER disrespect any of my FB friends! Put this on your wall and warn your friends. Share the news! And please tell me if something is on your wall that is supposed to have come from me
The message is, of course, nonsense and users should not repost the warning.
We have not seen any evidence that hackers are able to post content to a compromised Facebook wall that the owner of the account cannot see.
The fact that the bogus warning tells you that it's invisible to your eyes just adds to the panic, of course.
Yes, scammers have often posted thumbnails of what appear to be pornographic videos to compromised Facebook users' walls, but we have never seen any incidents where the post was *invisible* to the user.
Although a hoax is nothing like as bad as a piece of malware squirming its way between users and stealing information, it's still a nuisance, clogging up communications, increasing the overall level of spam and perhaps leading people to make bad decisions.
There's an important lesson here - don't believe everything you read on the internet, and think twice before you pass a story on to your friends.
Keep your wits about you and stay informed about the latest scams, hoaxes and malware attacks spreading fast across Facebook. One of the best ways to do that is to join the Sophos Facebook page, where more than 140,000 people regularly share information on threats and discuss the latest security news.
About the authorGraham Cluley is senior technology consultant at Sophos. The readers of Computer Weekly voted him security blogger of the year in 2009 and 2010, and he pipped Stephen Fry to the title of "Twitter user of the year" too. Which was nice. He was also named "Best Security Blogger" by the readers of SC Magazine in 2011. You won't find Graham on Facebook, but for daily updates follow him on Twitter at @gcluley.