Bogus app says it shows who's viewed your Facebook profile
It's designed to appeal to both the vain and the paranoid, which is presumably why a new piece of Facebook malware is spreading so fast.
A link to a bogus app is appearing next to a message reading: "OMG ... I can't believe this actually works! Now you really can see who viewed your profile!"
But clicking on the link leads to a web page where users are asked to allow the app to access their Facebook profile data.
"Scams like this have been used to earn commission for the mischief makers behind them, who have no qualms about using your Facebook profile to spread their spammy links even further," says Sophos senior consultant Graham Cluley.
"Because if you do continue, you'll find that your profile will be yet another victim of the viral scam - spreading the message to all of your online Facebook friends and family. And no, you don't ever find out who has been viewing your profile."
The app clearly has enormous appeal, with over 60,000 people clicking on the link within the first few hours. But Facebook says users shouldn't be fooled.
"On Facebook, there's no way to see who has visited your profile. We've also prevented others from providing this functionality," says the company.
"We're working hard to block and remove websites, Pages, and applications that claim to do this. If you see one, don't be fooled, and report it to us immediately."