Phishing bait: Offer of a spider under the skin video clickjacks users into a survey scam.
Example:[Collected via e-mail, July 2011]
There is a video going around on FACEBOOK about a spider living under a girls skin. Very graphic and gross as there is a hole in her side and they are pulling some gross stuff out of The hole. This video is said to be a virus.
There are two new Trojan Spam Viruses going around. Both are videos. One is about a man dropping his daughter to catch a ball and the other is about a spider living under a girl's skin . DO NOT OPEN EITHER OF THEM !! Please repost !!!WARNING!!!
Origins: In a phishing scam similar to the Casey Anthony confession video hoax, in July 2011 messages were spread via Facebook entreating those of a prurient bent to examine a video showing a spider under a girl's skin.
There is no such video. Those who click the proffered link will find themselves confronted by an "Age verification" confirmation box that reads "Are you older than 18 years of age? Choose an option below. Click 'Jaa' to play." "Jaa" is Finnish for "share," which means those who activate the button grant their permission for the link to be shared with their Facebook network. In this manner, the unsuspecting initiate the dispatch of automated entreaties to view the non-existent video to all of their contacts, thus luring even more people into the scam.
Those who do click the "age verification" link will eventually arrive at a YouTube page where they will be asked to complete an online survey before being allowed to view the video. This survey generates traffic and revenue for the attackers. Some who clicked on the fake YouTube page have reported being taken to a hardcore porn page.
A later version of the scam offers a link to a video of a father who dropped his daughter to catch a foul ball at a baseball game. While there is video of such an occurrence,
the link offered in the Facebook phishing scam actually takes those who click it to the "spider under a girl's skin" con.
While such forms of phishing are not themselves viruses or trojans, they do sometimes entice the unwary into unwittingly downloading viruses or trojans via clickjacking — items labeled as one thing turn out to be very different things (e.g. the "Play" button mentioned above that instead grants permission for the scam to send notifications about the video to the dupe's contact list). While sometimes those "very different things" might be survey scams, at others they will be malware intended for installation on the user's computer. Therefore, it's a mistake to assume all buttons labeled "Play" or "Confirm" actually are what they appear to be.