Scam Alert: ‘Color Change’ App on Facebook

Over 10,000 people have already been affected by the new ‘color change’ app that is circulating around Facebook according to Cheetah Mobile. While this new application makes the claim that you can change your Facebook profile to a variety of exciting colors, it is actually a scam. The virus coined as the “Facebook Color Scam” by a Cheetah Mobile Blog Post is actually an app designed to leak malware. If you select the application to download, you will be led to a phishing website.

For those of you unfamiliar with phishing, it is any website that is designed to acquire your sensitive information by pretending to be a trustworthy site.

Two ways have been identified in Cheetah Mobile’s Blog Post as to how this app is infecting its users. The first method is by encouraging users to view their tutorial video. This will temporally allow hackers to connect to your Facebook friends. If you bypass the video, the second way it can weasel its way into your information is by encouraging you download an additional application. Depending upon whether you are using your computer or phone, this application can vary from a pornography video player to a warning message encouraging you to download the application to protect your phone from malware.

Despite this upsetting news, if you have downloaded the app, you can breathe easy. Cheetah Mobile tells us that if you have watched the tutorial to simply change your password and delete the ‘color change’ app. For additional protection, they encourage the use of the CM Security and Clean Master.

It’s no surprise that a major social media website like Facebook would pick up a dangerous application with so many tutorials on how to create one all over the internet. Sites such as: eHow, Nix Solutions, and various pages on Facebook teach how to create basic up through complicated applications. This is however, the second time a color changing Facebook profile application has infected Facebook users.

Future Scam Protection

Falling subject to downloading a vicious application is something that anyone can fall subject to. However, there are several things to keep in mind in your downloading to try to keep yourself from falling into someone’s malware trap:

1. Do your homework. As with any application you are thinking about downloading, it is recommended that you do your research first. Thoroughly inspect the application’s page. Find the answers to basic questions such as: How many people have downloaded it? Did it get 4 or 5 stars? Who made this app? Have they made other popular apps before?
2. Don’t be a guinea pig. In my personal recommendation, don’t be one of the first ones to download any new app regardless of how great it looks. Though I tend to be more on the conservative side in my personal application downloading (I like to see quite a few thousand users enjoying an app before I will even give it the time of day), erring on the side of caution is better than having to deal with the consequences.
3. Just because it’s free doesn’t mean you shouldn’t do your research. In addition to paying close attention to the application’s page, research the app on the internet before downloading.  Just like you would read product reviews before purchasing something off Amazon or Ebay, wouldn’t you want to research your apps before you give them access to all your personal information? For the sake of you and your friends’ privacy, do yourself a favor and Google the application before you download to check out user reviews or blogs on scam warning website. If the app has existed for long enough and it is a scam, someone will have posted a complaint.
4. If it looks ‘phishy’, it probably is ‘phishy’. As with everything on the internet, when research fails use your best judgment. If it looks like a ‘phish’ and smells like a ‘phish’, chances are the creator is phishing.