Researchers at Symantec have spotted attackers using fake Facebook accounts to post links to view free movies and sporting events in the comments of popular articles and posts on Facebook, Buzzfeed, ESPN, and the Huffington Posts that lead to tech support scam sites, according to a Symantec blog post.
Attackers first post scam-free comments then return five to ten minutes later to edit their posts to include a malicious link. Once a user clicks on the link and attempts to play the content they are redirected through AdCash, a site known to host malicious advertisements, to a site that mimics the tech support websites for a user's device.
The pages contain false warning messages designed to trick victims into thinking their devices were infected with malware. and compel them to call the scammers, where they're then asked to provide sensitive information.