Facebook Fan Check virus rumours are driving users to more danger

Hackers are exploiting Facebook virus fear

This week has seen a tornado of warnings spread via social networking sites and online forums, telling Facebook users to be wary of an application called Fan Check.

"It's a virus!" many of the messages have claimed. And helpful online friends have forwarded the message and retweeted it to their buddies without a moment's thought of checking the facts.

As a result, in less than 12 hours the number of active users of the Facebook application plummeted from 12.5 million a month to less than 6 million.

But the truth about the 'Facebook Fan Check Virus' is a little more complicated than that.

We've seen no evidence that the Fan Check application, which claims to gather information about who has been checking out your profile page on Facebook, is malicious.

It may be buggy, it may be inappropriate, but we've seen no signs that it is viral, as many internet rumours have claimed.

But what is certain is that hackers are exploiting fear about the Facebook Fan Check application to infect innocent users' computers.

Malicious hackers have created websites that pretend to be about the Facebook Fan Check Virus but really host fake anti-virus software, which displays bogus warnings about the security of your computer in an attempt to get you to install fraudulent software and cough up your credit card details.

As these malicious websites are currently appearing high in Google's search results, many users worried about the Fan Check application are actually being driven to a much greater danger.

So, check your facts before spreading warnings about a "dangerous application" on Facebook, and always exercise caution when searching the web for information on a new threat.

It may make sense to visit a legitimate security website rather than a webpage set up on the hoof by opportunistic hackers.


Graham Cluley is senior technology consultant at Sophos, and has been working in the computer security field since the early 1990s. When he's not updating his other blog on the Sophos website you can find him on Twitter at @gcluley.