Bitdefender Safego The New Social Network Protection

Posts on your wall, comments from friends, status updates. These are the tools that help you build your online social interactions. But don’t forget that your online social life relies on a crucial ingredient: your friends’ trust in you. So why let infected links, spam or deftly crafted scams step in and spoil your fun? After all, we’ve all had enough of the “see who viewed your profile” tricks and of its countless siblings.

 

Using in-the-cloud scanning, Bitdefender Safego protects your social network account from all sorts of e-trouble: scams, spam, malware and private data exposure. But, most importantly, Safego keeps your online friends safe and …close.

 

 

To install the app Click Here

Want to see who has viewed your Facebook profile? Take care..

I’m increasingly being asked by folks on Facebook if it’s possible to tell who has been viewing their Facebook profile. A number have been attracted to webpages and Facebook applications that claim to be able to give you a secret insight into who is spying on your profile.

 

Well, if you’re one of those people who are curious about who might be watching you online, take care.

 

Right now we’re seeing a significant number of Facebook users posting messages such as:

OMG OMG OMG... I can't believe this actually works! Now you really can see who views your profile!!! WOAH

and

See who views your Facebook profile in real-time!!!

 

However, like the “Justin Bieber cell phone number” scam and the “This mother went to jail for taking this pic of her son!” scam, the links pointed to in your friends’ status updates are not to be trusted.

 

If you make the mistake of clicking on the link to one of these pages offering to tell you who is viewing your Facebook profile, you will find that the people behind the “services” want you to do a few things first.

 

For instance, they’ll ask you to “Like” their pages (which means you are spreading the link to friends in your social network), and they will ask you to advertise their site by posting an “OMG” message (with a link) to at least five different places on Facebook.

 

After all that hard work you would hope that they would give you access to the powerful Profile Spy app wouldn’t you? But I’m afraid your luck is out.

 

They’ll next ask you to hand over your personal information by taking numerous surveys – before ultimately trying to trick you into handing over your cellphone number which they’ll sign up to an expensive premium rate service.

 

 

Remember, this scam doesn’t work as the result of clickjacking, or a vulnerability on Facebook. The scammers are achieving their ends because of human gullibility – pure and simple. If people considered what they were doing and thought twice about the possible consequences then we would see nothing like as many of these attacks occurring, and our news feeds on Facebook would see less spam.

 

 

Read More…

 

Horrific photo forced photographer to kill himself? Don’t be too quick to click

After a week full of clickjacking attacks, we’re seeing other dodgy links being spread widely between Facebook users who should perhaps know better.

 

One that I have seen crop up a lot, is appearing in the status updates of Facebook users with phrases like:

This horrific photo forced photographer to kill himself! http://tinyurl.com/VerySadPhoto

and

This horrific photo forced photographer to kill himself! http://tinyurl.com/HorriblePic

Clicking on links like these can take you to Facebook pages which names such as “Man Commits Suicide 3 Days After Taking This Photo”.

These Facebook pages force you to first “Like” them and then republish the link on your own Facebook page (advertising it to your online friends) before you eventually get to see the photograph.

Just ask yourself this – do you really want to recommend a page to your friends, before you know what lies behind it? For all you know, you could be passing on a link which will ultimately take your online pals to a phishing page or malware.

 

As it happens, the pages are lying in any case.

 

The photograph – of an emaciated young girl in Sudan – was taken in March 1993 by prize-winning South African photo-journalist Kevin Carter. Carter did kill himself – but it was over a year later in South Africa, not three days after the photo was taken as claimed by the Facebook links.

 

You can probably imagine, however, that people would easily agree to publish the link to all their friends – in their morbid interest to see the photo – and thus help it spread quickly.

 

In fact, it’s no surprise that links like these are spreading so quickly and virally across Facebook, when popular pages such as “I like your makeup…LOL JK, it looks like you got gangbanged by Crayola” (currently 1.7 million fans and counting) have republished it to all of their followers.

 

Read More…

Perform a security scan by Symantec Security Check

Is your computer safe from online threats? The Security Scan performs the following tests and offers recommendations based on the results:

Hacker Exposure Check
Checks whether your computer allows unknown or unauthorized Internet communications.

Windows Vulnerability Check
Checks whether basic information about your computer, including your PC’s network identity, is exposed to hackers.

Trojan Horse Check
Checks whether your computer is safe from Trojan horses.

 

 

The Facebook Friend Suggestions security scare

Warnings are being posted all across Facebook suggesting that users who have received multiple friend suggestions are really infected with a computer virus.

 

A typical version of the warning reads as follows:

VIRUS WARNING: ANYONE WHO HAS GOTTEN A TON OF FRIEND SUGGESTIONS BE CAREFUL! IT IS A VIRUS! IF YOU ACCEPT THEM THEN YOUR ACCOUNT WILL SEND OUT ABOUT 85 TO SOMEONE ELSE!!! WARN YOUR FRIENDS NOW! This is a new virus that is sending requests to spread. DO NOT ACCEPT FRIEND SUGGESTIONS AT THE MOMENT!

The reality, however, is somewhat different. Most importantly, the behaviour and sightings of more than the usual number of Friend Suggestions are not a sign of a computer virus infection.

 

Instead, it appears that Friend Suggestions on Facebook now go to both parties, rather than just the one you specifically suggests takes up your suggestion of a new online connection.

 

So, imagine you are Tom, and you think that your friend Dick should become Facebook friends with Harry. You visit Dick’s Facebook profile, scroll down to where it says “Suggest friends for Dick” and choose Harry’s name.

Your suggestion that Dick should become friends with Harry doesn’t just go to Dick, but it will also now go to Harry as well. Presumably Facebook has made this change in order to encourage more users to interconnect.

 

But there’s more.

 

As Facebook reveals on its help pages about Friend Suggestions, Facebook can alsosuggest possible friends for you to connect with.

 

It does this by automatically examining “the networks that you are a part of, mutual friends, work and education information, contacts imported using the Friend Finder, and many other factors.”

 

Aside from the mysteriously ambiguous “many other factors”, the thing I find concerning there is the reference to Friend Finder.

 

What Facebook means is that they can suggest friends based upon email addresses that you may have imported into Facebook from your email account address book, perhaps when you first set up your account.

 

What many people may not realise is that even if you didn’t add everyone you imported from your address book as a Facebook friend, Facebook can still use those contacts imported from Outlook, Gmail, Hotmail, Yahoo, etc, in order to make future recommendations.

 

Therefore, Facebook may also see your email address in other people’s contact lists, and determine relationships based upon that.

 

If this bothers you (and I can perfectly understand why it would), then Facebook says you can tell it to remove the contacts from its suggestions system. Of course, it might have been better if you hadn’t offered up your address book to Facebook in the first place..

 

Facebook also says that you can change your privacy settings to prevent your profile from being visible to everyone as a potential friend suggestion.

 

More information about Facebook’s Friend Suggestions system can be read online here.

 

No doubt most of the souls forwarding and reposting this latest Facebook security scare to their profiles are oblivious to all these fine details, however, and are still believing that a virus is behind the suggestion messages that they are viewing.

 

Of course, it should still go without saying, that whether you receive a friend request or a friend suggestion, you should exercise caution about who you befriend on a social network – as it could be a cybercriminal rather than a long lost chum who is trying to access your profile.

 

Oh, and don’t forget. If you’re on Facebook you might want to become a Fan of Sophos on Facebook to ensure you are kept up-to-date with the latest security news.

 

 

By Graham Cluley, Sophos

 

Danger! Fake $50 iTunes certificate carries malware

 

 

Amid all the usual attacks posing as delivery notices from DHL and FedEx this morning, I spotted some malware that had been spammed out posing as an Apple iTunes certificate for $50.

 

The emails read as follows:

Subject: Thank you for buying iTunes Gift Certificate!
From: "iTunes Online Store" <software@itunes.com>
Attached file: iTunes_certificate_997.zip

Hello!

You have received an iTunes Gift Certificate in the amount of $50.00
You can find your certificate code in attachment below.

Then you need to open iTunes. Once you verify your account, $50.00 will be credited to your account, so you can start buying music, games, video right away.

iTunes Store.

 

Running the attached malware can infect Windows computers. Clearly the hackers are hoping that in your excitement about receiving a $50 iTunes gift certificate that you will throw caution to the wind and open the attachment.

 

Sophos detects the malware, contained inside a ZIP file, as Troj/BredoZp-AM andMal/FakeAV-BW.

 

 

By Graham Cluley, Sophos

 

Facebook disables chat after security hole discovered

Facebook has taken down its instant messaging-style system which allows members to chat real-time with each other after claims that the system suffers from a serious security problem.

 

According to a report by TechCrunch, a security flaw allows your Facebook friends to secretly spy on your private live chats as well as any see any pending friend requests that you have made.

 

In the past Facebook has insisted that privacy is its “highest priority”, but there isgrowing concern that the site has played fast and loose with the personal information of its 400 million users, encouraging them to share too much private data online and changing privacy settings to be more “open”.

 

A video has been posted on YouTube which allegedly demonstrates the security hole:

 

The news that Facebook has disabled its chat system suggests that they are working on fixing the security problem. Hopefully it will be resolved quickly.

 

But even if this security issue is fixed promptly there are other security issues on Facebook, as with any other social network, that need to be considered if you plan on continuing to use the site. Make sure you read our guidelines for better security and privacy on Facebook.

 

Oh, and you might want to become a Fan of Sophos on Facebook too to ensure you are kept up-to-date with the latest security news.

 

by Graham Cluley, Sophos

 

 

Canadian Pharmacy spammers set up shop on Twitter

At the beginning of this month I received an email telling me about someone new who had started following me on Twitter.

Their name was @canadianshop, and it was immediately apparent that they were promoting a Canadian online pharmacy via their account. These kind of websites are frequently promoted in email spam.

Like every other time you receive a new follower on Twitter, the service reminds you that you can report them for spam:

If you believe canadianshop is engaging in abusive behavior on Twitter, you may report canadianshop for spam.

 

But for once I decided not to. After all, this account was clearly spammy and I was curious to see how long it would take before someone else reported them and their account was suspended.

 

That was 24 days ago. And despite the @canadianshop account making no attempt to hide who they are – even their background wallpaper uses familiar imagery used in hundreds of thousands of emails to promote medications like Viagra and Cialis – they remain active on Twitter.

 

At the time of writing the account is following over 2000 people, and has 589 folk following it back.

In addition to its activities on Twitter, the account has also created a number of custom bit.ly links to promote its online stores which redirect to Canadian Pharmacy websites like the one below:

So, let’s hope the account gets shut down soon. I’ve reported it to Twitter now, and also dropped a line to the folks at bit.ly about the links in case they want to take action against those.

 

As if anyone needed reminding let me say it again – if you buy drugs online you’re not only putting your personal information at risk (remember these guys are prepared to spam and use scummy tactics to promote their sites, they possibly wouldn’t flinch at doing something naughty with your credit card details), but you’re also potentially putting your health in jeopardy.

 

By Graham Cluley, Sophos

 

Scareware hackers exploit McAfee false positive problem

Hackers are exploiting a problem with McAfee’s anti-virus product that has caused hundreds of thousands of computers around the world to repeatedly reboot themselves.

 

The New York Times (and many other news outlets) have reportedon the problems businesses suffered after a detection update issued by McAfee yesterday caused its anti-virus product to mistakenly detect a harmless Windows file, svchost.exe, as “W32/Wecorl.a” and caused computers to become inoperable.

 

To its credit, McAfee is discussing the problem on its online community forum, has apologised, withdrawn the buggy update, and advised customers on how to manually fix the affected computers.

 

But what might be making McAfee’s job of getting reliable information about the false positive problem out to the masses that much harder is that malicious hackers are exploiting the situation.

 

By using blackhat SEO techniques, cybercriminals have managed to get poisoned webpages high in the search rankings if you hunt for information on the McAfee false positive.

If you click on a dangerous link like this then you risk the chance of your computer being hit by a fake anti-virus attack (also known as scareware) which may attempt to con you out of your credit card details or trick you into install malicious code onto your computer.

 

Sophos detects the malware proactively as Mal/FakeAV-BW.

 

The last thing you want to happen if you’re searching for advice on how to fix a problem with the other computers in your company.

 

And it’s not just McAfee’s false alarm problem that these hackers are exploiting. Looking a little deeper at the poisoned domains, allows us to view a cache of hundreds of other pages that this gang have created around a wide range of topics.

Be careful out there folks..

 

 

* Image source: peasap’s Flickr photostream (Creative Commons)

By Graham Cluley, Sophos

 

Farm Town virus warning: Malvertising at work?

Players of the online game Farm Town are being warned to be on their guard for malicious adverts that display fake security warnings in an attempt to dupe unsuspecting users into installing malicious code or handing over their credit card details.

 

SlashKey, the developers of the game which has over 9.6 million monthly active users on Facebook, has posted a warning on its forum advising players to be wary of warnings that suddenly pop-up telling them that their computer is infected:

If you suddenly get a warning that your computer is infected with viruses and you MUST run this scan now, DO NOT CLICK ON THE LINK, CLOSE THE WINDOW IMMEDIATELY. You should then run a full scan with your antivirus program to ensure that any stray parts of this malware are caught and quarantined.

If you do research on many of these spyware programs you will also find a myriad of sites proclaiming they are the only ones who can rid you of these programs. This is not true and on a personal level I urge you to use great caution as some of these so called wonder cures are as much of a scam as the malware you are trying to remove.

 

Hundreds of Farm Town players have responded on the forum, saying that they have been on the receiving end of the attack – but the worry is that many many more users may not have seen the warning and could have been tricked by the fake anti-virus warnings into infecting their computers or handing over personal information.

It appears that the problem is related to the third-party advertising that Farm Town displays underneath its playing window. In all likelihood, hackers have managed to poison some of the adverts that are being served to Farm Town by the outside advert provider.

 

Such malicious advertising (or malvertising as it is known) has been the vector for other infections in the past, including attacks against the readers of the New York Times and Gizmodo.

 

What makes this attack all the more serious, of course, is the sheer number of people that regularly play Farm Town, and that – in all likelihood – they might not be as tech-savvy as the typical Gizmodo reader, and thus more vulnerable to falling for the hackers’ scam.

 

Rather than SlashKey simply asking its players to report offending adverts when they appear, it might be sensible for the company to disable third-party adverts appearing alongside Farm Town until the problem is fixed.

 

It may not be Farm Town’s fault that a third-party advertising network is serving up malicious ads, but doing anything less is surely showing a careless disregard for the safety of its players.

 

Until the makers of Farm Town resolve the problem of malicious adverts, my advice to its fans would be to stop playing the game and ensure that their computer is properly defended with up-to-date security software. If you do feel you have to play Farm Town then it might be wise to disable adverts in your browser (for instance, using an add-on such as Adblock Plus on Firefox).

 

By the way, if you are on Facebook and want to keep yourself informed about the latest security news you may want to become a Fan of Sophos on Facebook.

 

 

By Graham Cluley, Sophos

 

 

 

Next Page »