Predictably, it links to the Facebook page set up for the "event", and on it is a list of things users are required to claim the gift card:
- Join the page
- Invite 50 friends to the event
- Share the event on their wall, and
- Visit a linked page.
Users who have fallen for the scheme and install the app have now given it permission to post messages and other things on their profiles.
According to Bitdefender, the app immediately takes advantage of this - it posts a message "revealing" how many people viewed the users' profile and, of course, invites the users' friends to get the app for themselves.
Needless to say, the number it provides is bogus, and the only thing that the victims succeeded in doing successfully is to propagate the scam far and wide.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.