Outline Message posted via Facebook asks recipients if they have seen a photo they were tagged in and includes a link that supposedly allows them to view the photograph.
The link in the post leads to a rogue Facebook application that will spam out more messages promoting the rogue app. It also tries to trick the user into visiting third party website and filling in bogus surveys. The surveys attempt to trick users into divulging personal information or signing up for expensive online and SMS services. Note that this survey scam is not related to a months old hoax message that falsely claims that there is a destructive virus on Facebook that users your pictures. (Please see detailed analysis below for more information).
omg hahah have u seen this photo u got tagged in LOL -----> stum************** !
Messages currently being posted via Facebook ask "have u seen this photo u got tagged in" and suggest that you follow a link to view the photograph.
However, clicking the link will not open a photograph that you were supposedly tagged in. Instead, you will be taken to a Facebook application that asks for permission to access your Facebook settings and Facebook chat. If you allow permission, the application will post messages in your name via chat and, possibly, other areas of Facebook.
The application will then display a pop-up window that claims that before you view the photograph, you must first complete one of several available surveys as a means of verifying your identity. If you click one of the links, you will be taken to a third-party website where you may be presented with a series of "offers", "surveys" and "competition entries" that request more information such as mobile phone numbers, occupation and income details. Some note in the "fine print" at the bottom of the webpage that by entering the competition or participating in the "offer", the user is giving permission for his or her email address and phone numbers to be shared with marketing companies or "site partners". Others try to trick users into signing up for absurdly expensive SMS "services" that are billed at several dollars per text. And, each time that you complete one of these surveys or offers the scammer who created the app will earn a commission for his trouble.
This "tagged in a photo" version of the scam has caused a lot of confusion on Facebook because the spam messages it uses seem to give validity to a much earlier warning that began circulating back in 2010. A copy of this "warning" is included below:
VIRUS on FB using your pictures. It says you have been tagged in a picture, wants you to click on a link to see it, then hacks into your computer & all your accounts, including banking & other secure accounts. It destroys your computer. Once hacked into your computer, it sends ...e-mails to your friends telling them they have been tagged in pictures & starts the process again PLEASE RE-POST
However, this warning is a hoax and does NOT describe a real threat. The "photo u got tagged in" rogue app is NOT a virus, nor will it hack your computer and steal information. And it certainly does not destroy your computer. Although the hoax virus warning may, at first glance, appear to have relevance to the rogue app, it in fact has no relation whatsoever. The rogue app does not behave in any way like the fictional virus described in the hoax message. And the hoax was circulated long before the rogue application was created. Therefore the hoax message is NOT a valid warning about the rogue app and should not be passed on as such. Passing on the hoax message has only caused confusion and misunderstanding among Facebook users.