Hackers are reportedly evading spam filters on Facebook’s popular comment plugin to carry out a "technical support scam" for various operating systems, including Windows and Mac.
Pop culture and sports pieces on BuzzFeed, ESPN and the Huffington Post are being exploited ostensibly to offer free access to streams of films still being shown in the cinema, before the attackers redirect users to a site AdCash, where they are scammed.
To do this hackers present victims with a warning message that their computer is in danger, before offering to supposedly help fix it for them.
Satnam Narang, senior security response manager at Symantec, which uncovered the scheme, wrote online that such technical support scams are not new, but that hackers have recently ditched cold calling as a means of carrying them out.
"Instead, they buy up ads and use scare tactics to convince victims to grant them access to their computers," he said.
"These scare tactics may display a pop-up that claims that a virus has been detected on the compromised computer or device, or that the computer or device’s operating system has crashed."
In a bid to avoid spam filters the attackers are posting messages and inserting links into them five or ten minutes later, whilst also posting marketing for whatever service they are supposedly encouraging users to try.
The hackers also use phoney Facebook pages to disguise their activity, and are said to be targeting not only Windows computers, but also Mac OS X machines and iPhones.
"If you’re an avid follower or reader of any of these popular websites, watch out for comments advertising anything for free," Narang said.
"Even if people like the posts or leave positive comments about it, more often than not it’s a scam."
