Predictably, it links to the Facebook page set up for the "event", and on it is a list of things users are required to claim the gift card:
- Join the page
- Invite 50 friends to the event
- Share the event on their wall, and
- Visit a linked page.
Users who have fallen for the scheme and install the app have now given it permission to post messages and other things on their profiles.
According to Bitdefender, the app immediately takes advantage of this - it posts a message "revealing" how many people viewed the users' profile and, of course, invites the users' friends to get the app for themselves.
Needless to say, the number it provides is bogus, and the only thing that the victims succeeded in doing successfully is to propagate the scam far and wide.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.