The message saying "U.S. Attacks Iran and Saudia Arabia. F**k :-( [LINK] The Begin of World War 3?" started popping up on Facebook news feeds on Friday, and has since spread rapidly.
The users who fall for the scam are taken to a fake CNN webpage that supposedly has some footage of the invasion. In order to view it, the user is asked to install a new version of Adobe Flash Player.
Unfortunately, the file is actually a fake AV solution.
Sophos Senior Security Advisor Chester Wisniewski pointed out to IT World that after the scam first emerged it took only 3 hours for over 60,000 users to follow the link. "The bad guys are rotating through scam pages trying to stay ahead of Facebook," he commented.
And if seems the malicious status updates pop up without the users knowing about it, which would explain how the scam spread so quickly. Their accounts have likely been compromised, but it is unknown whether it was through phishing or flaws in the platform or the users' browsers.
Facebook confirmed that they were actively taking down the offending messages and helping users to regain control of their accounts.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.