Cybercriminals Use Social Engineering for Facebook ‘Phorno’ Video Tagging

Think before clicking

(SDN) — Cybersecurity experts have time and again been warning internet users to beware of suspicious links, and to not click them.

Otherwise you’ll end up giving away your personal data that cybercriminals can use for social engineering to steal victims’ personal information. And you’ll be the loser, either your money, or reputation. Or both. You can only cry if you did, for there’s no mercy from these cyber bad guys.

A very recent example was on Facebook, the comments section, where unsuspecting users of the giant social media platform were tagged by individuals not on their friends’ list.

It turned out the links when clicked by unsuspecting users brought them to a phornographic video site, or malicious video as being called out. From there, social engineering takes place.

The incident prompted the Department of Justice (DOJ to warn users tagged in the said posts on Facebook to not click the link that led to an “adult video”.

Doing so would activate the malware being used by the perpetrators to steal personal data of victims.

“When clicked, it will result in the automatic and random tagging in the same post of other Facebook account users,” the DOJ Office of Cybercrime (DOJ-OOC) said as quoted by GMA News Online.

The Russia-based Kaspersky  global cybersecurity and digital privacy company issued a statement on the adult video tags through General Manager for Southeast Asia at Kaspersky Yeo Siang Tiong.

GM Yeo Siang Tiong of Kaspersky APAC
Kaspersky General Manager for Southeast Asia Yeo Siang Tiong in an interview with SDN — Science and Digital News at the sidelines of the Kaspersky Cybersecurity Weekend in Yangon, Burma, in 2019. (File photo by SDN – Science & Digital News)

Here’s the complete statement from Kaspersky advising users of Facebook and other internet platforms.

Yesterday, some social media users reported to have been tagged in malicious videos without their permission and by people they do not know. This is not the first time this has happened. But it appears to be an example of social engineering that cyber attackers use to get victims to respond by clicking on an infected attachment.

Social engineering is a manipulation technique that uses human psychology that cyber attackers use to trick someone or to lure unsuspecting users to expose data, spread malware infection, or give them network or computer access.

Scams based on social engineering are built around how people think and act. Attackers may use emotional manipulation to convince you to take an irrational or risky action that you otherwise wouldn’t. Fear, excitement, curiosity, anger, guilt, and sadness are emotions normally used to convince an unaware, clueless person.

On social media, trust is important among users and it is also essential in a social engineering attack. Users are usually tricked by accounts they follow, usually under the names of people they know and trust.

As social engineering is an attack against a human being, not machine, we advise internet users to take basic measures to protect themselves. We recommend the following:

1. It’s cliché but the rule of thumb in internet security is always think before clicking.

2. Set a strong password.

3. On social media, take advantage of the security and privacy features of your favorite platform. You can control who can tag you or who can see your posts. Because Facebook regularly makes changes to their settings, it’s worth your attention and time to check your own saved settings from time to time to update it for maximum privacy. (/)


About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 240,000 corporate clients protect what matters most to them. Learn more at

Don't be shy, comments are welcome! Thank you.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: