Want to see who has viewed your Facebook profile? Take care.
July 26, 2010 by admin
Filed under Security News
I’m increasingly being asked by folks on Facebook if it’s possible to tell who has been viewing their Facebook profile. A number have been attracted to webpages and Facebook applications that claim to be able to give you a secret insight into who is spying on your profile.
Well, if you’re one of those people who are curious about who might be watching you online, take care.
Right now we’re seeing a significant number of Facebook users posting messages such as:
OMG OMG OMG... I can't believe this actually works! Now you really can see who views your profile!!! WOAH
and
See who views your Facebook profile in real-time!!!

However, like the “Justin Bieber cell phone number” scam and the “This mother went to jail for taking this pic of her son!” scam, the links pointed to in your friends’ status updates are not to be trusted.
If you make the mistake of clicking on the link to one of these pages offering to tell you who is viewing your Facebook profile, you will find that the people behind the “services” want you to do a few things first.

For instance, they’ll ask you to “Like” their pages (which means you are spreading the link to friends in your social network), and they will ask you to advertise their site by posting an “OMG” message (with a link) to at least five different places on Facebook.
After all that hard work you would hope that they would give you access to the powerful Profile Spy app wouldn’t you? But I’m afraid your luck is out.
They’ll next ask you to hand over your personal information by taking numerous surveys – before ultimately trying to trick you into handing over your cellphone number which they’ll sign up to an expensive premium rate service.

Remember, this scam doesn’t work as the result of clickjacking, or a vulnerability on Facebook. The scammers are achieving their ends because of human gullibility – pure and simple. If people considered what they were doing and thought twice about the possible consequences then we would see nothing like as many of these attacks occurring, and our news feeds on Facebook would see less spam.
Malware Sales Through Social Networks
June 30, 2010 by admin
Filed under Security News
Social media has affected business organizations in many different ways through the years and these effects caused the development of a rather complicated relationship between the two.
Social media has proven to be an effective marketing tool for businesses. Data collected last year from Fortune’s Global 100 revealed that more than 50 percent of the said companies have Twitter, Facebook, and YouTube accounts. On the other hand, social media tools such as social networks have been reported to affect office productivity and also serve as popular media for online threats.
In the same way that businesses use social media, cybercriminals do as well. Just recently, we saw an advertisement for fake point-of-sale (POS) devices in an underground forum where the seller offered a fake POS device for 1,000 EUR.
This time, we found an advertisement for a malicious tool, in a more “mainstream” channel.

The YouTube video above is actually an advertisement for a distributed denial-of-service (DDoS) tool. A screenshot of the tool is shown on the video while features and other details such as the price and the URL where to purchase the tool are indicated in the details. (It has since been taken down by YouTube.)
Notably, the video had more than 600 views. Though the number is relatively small, one can’t help but wonder how many of those viewers were enticed enough to visit the given site and to purchase the tool. After all, it’s only US$15.
The said post is just one of the many malware ads in social networks. If anything, the above-mentioned advertisement only goes to show that cybercriminals are using social networks the same way legitimate businesses do to gain “customers” even if the customers in question are other cybercriminals.
For best practices to follow in managing a social network account, you can check our white paper, “Security Guide to Social Networks.”
Don’t click on ‘Paramore n-a-k-ed photo leaked!’ Facebook link
June 5, 2010 by admin
Filed under Security News
Updated: Many Facebook users are being hit by further clickjacking attacks today, taking advantage of the social network’s “Like” facility.
The latest lure is a link which claims to point to a website containing a naked photo of Hayley Williams, the lead singer of the American rock band Paramore.
Affected profiles can be identified by seeing that the Facebook user has apparently “liked” a link:
Paramore n-a-k-ed photo leaked!

The fact that 21-year-old Hayley Williams has recently been the subject of much internet interest after a topless photo of her was leaked online is only likely to fuel interest in the naked pictures promised by these links. But take care, because all may not be what it seems.
Clicking on the links takes Facebook users to a third-party website which displays a message saying:
Click here to continue if you are 18 years of age or above

What the hackers have actually done is very sneaky. They have hidden an invisible button under your mouse, so wherever you click on the website your mouse-press is hijacked. As a consequence, when you click with the mouse you’re also secretly clicking on a button which tells Facebook that you ‘like’ the webpage. This then gets published on your own Facebook page, and shared with your online friends, resulting in the link spreading virally.
Attacks like this can spread very very fast. Judging by the number of messages I’ve seen, thousands have already found it impossible to resist the idea of seeing the lead singer of Paramore naked and have fallen head-first into the “likejacking” trap.
This use of a clickjacking exploit to publish the same message (via an invisible iFrame) to the visiting user’s own Facebook page works in a similar fashion to the clickjacking attacks we saw earlier this week.
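The invisible iframe described above only works because the framed page lets any site embed it. The following checker, added here as an example and not code from the original post or from Facebook, takes the response headers a page sends and answers whether a given embedding origin would be allowed to frame it; all origins in it are constructed.

```javascript
// Framing-policy checker (added example). Given the response headers a page sends,
// decide whether a browser would let `embedderOrigin` display it inside a frame.
// A page that answers "yes" for arbitrary origins is what a likejacking site needs.

function parseFrameAncestors(csp) {
  // Return the source list of the frame-ancestors directive, or null if the
  // policy has no such directive.
  for (const directive of csp.split(';')) {
    const parts = directive.trim().split(/\s+/);
    if (parts[0].toLowerCase() === 'frame-ancestors') return parts.slice(1);
  }
  return null;
}

function sourceMatches(source, embedderOrigin, pageOrigin) {
  const s = source.replace(/^'|'$/g, '').toLowerCase();   // 'self' -> self
  if (s === 'none') return false;
  if (s === 'self') return embedderOrigin === pageOrigin;
  if (s === '*') return true;
  // host-source: optional scheme, optional leading wildcard label, optional port
  const m = s.match(/^(?:([a-z][a-z0-9+.-]*):\/\/)?(\*\.)?([^:\/]+)(?::(\d+|\*))?$/);
  if (!m) return false;
  const [, scheme, wildcard, host, port] = m;
  const emb = new URL(embedderOrigin);
  if (scheme && scheme !== emb.protocol.slice(0, -1)) return false;
  const hostOk = wildcard ? emb.hostname.endsWith('.' + host) : emb.hostname === host;
  if (!hostOk) return false;
  const embPort = emb.port || (emb.protocol === 'https:' ? '443' : '80');
  return !port || port === '*' || port === embPort;
}

function framingAllowed(headers, embedderOrigin, pageOrigin) {
  // `headers` uses lower-case names. Browsers that understand CSP give
  // frame-ancestors precedence over X-Frame-Options when both are present.
  const csp = headers['content-security-policy'];
  const sources = csp ? parseFrameAncestors(csp) : null;
  if (sources) {
    return sources.some((src) => sourceMatches(src, embedderOrigin, pageOrigin));
  }
  const xfo = (headers['x-frame-options'] || '').trim();
  const upper = xfo.toUpperCase();
  if (upper === 'DENY') return false;
  if (upper === 'SAMEORIGIN') return embedderOrigin === pageOrigin;
  if (upper.startsWith('ALLOW-FROM ')) {
    // Only some browsers (IE, older Firefox) honoured ALLOW-FROM; others ignore it.
    return new URL(xfo.slice(11).trim()).origin === embedderOrigin;
  }
  return true;   // no framing policy at all: any site may frame the page
}
```

Run it against your own site's headers with an origin you do not trust: a `true` result means a third-party page can lay its own overlay on top of your buttons.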
Try not to laugh xD: Worm spreads via Facebook status messages
May 21, 2010 by admin
Filed under Security News
A clickjacking worm spread quickly across Facebook earlier today, tricking users into posting it to their status updates.

The worm, which some have dubbed Fbhole because of the domain it points to, posts a message like the following:
try not to laugh xD http://www.fbhole.com/omg/allow.php?s=a&r=<random number>
Clicking on the link would display a fake error message that would trick you – through a clickjacking exploit – to invisibly push a button that would publish the same message to your own Facebook status update. We’ve seen clickjacking exploited by hackers before in attacks on social networks, for instance in the “Don’t click” attack seen on Twitter in early 2009.
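A worm like Fbhole leaves a distinctive footprint in a feed: one fixed message and one link host posted by many different users within minutes, with only the per-victim random number changing. The detector below, added as an example and not code from the original post or from Facebook, scans a constructed sample feed for that burst pattern; the user names and timestamps are made up, and only the fbhole.com link shape is taken from the message quoted above.

```javascript
// Worm-burst detector (added example). Groups status updates by (normalised message,
// link host) and reports groups that many distinct users posted inside a short window.

const URL_RE = /https?:\/\/\S+/gi;

function normaliseText(text) {
  // Drop links, punctuation and case so the per-victim random number in the
  // URL and minor edits still group together.
  return text.replace(URL_RE, ' ').toLowerCase().replace(/[^a-z0-9]+/g, ' ').trim();
}

function hostOf(url) {
  try { return new URL(url).hostname.toLowerCase(); } catch (e) { return null; }
}

// posts: [{ user, ts (seconds), text }]. Returns one alert per suspicious pair with
// the largest number of distinct posters seen inside any `windowSec`-long window.
function detectWormBursts(posts, { minUsers = 3, windowSec = 600 } = {}) {
  const groups = new Map();
  for (const p of posts) {
    const hosts = new Set((p.text.match(URL_RE) || []).map(hostOf).filter(Boolean));
    for (const host of hosts) {
      const key = `${normaliseText(p.text)}|${host}`;
      if (!groups.has(key)) groups.set(key, []);
      groups.get(key).push(p);
    }
  }
  const alerts = [];
  for (const [key, ps] of groups) {
    ps.sort((a, b) => a.ts - b.ts);
    let start = 0, peak = 0;
    for (let end = 0; end < ps.length; end++) {
      while (ps[end].ts - ps[start].ts > windowSec) start++;   // slide the window
      const distinct = new Set(ps.slice(start, end + 1).map((p) => p.user)).size;
      peak = Math.max(peak, distinct);   // a repeat post by one user counts once
    }
    if (peak >= minUsers) {
      const [message, host] = key.split('|');
      alerts.push({ message, host, users: peak });
    }
  }
  return alerts;
}

// Constructed sample feed: four victims within five minutes plus benign traffic.
const SAMPLE_FEED = [
  { user: 'bob',   ts: 1000, text: 'try not to laugh xD http://www.fbhole.com/omg/allow.php?s=a&r=48213' },
  { user: 'eve',   ts: 1005, text: 'Great read: http://example.com/article' },
  { user: 'carol', ts: 1060, text: 'try not to laugh xD http://www.fbhole.com/omg/allow.php?s=a&r=90311' },
  { user: 'dave',  ts: 1120, text: 'Try not to laugh XD http://www.fbhole.com/omg/allow.php?s=a&r=7' },
  { user: 'alice', ts: 1200, text: 'try not to laugh xD http://www.fbhole.com/omg/allow.php?s=a&r=55102' },
  { user: 'alice', ts: 1300, text: 'try not to laugh xD http://www.fbhole.com/omg/allow.php?s=a&r=55102' },
  { user: 'frank', ts: 9000, text: 'Great read: http://example.com/article' },  // same as eve, hours apart
];
```

The same link shared by two users hours apart is left alone; only the tight cluster of distinct posters trips the alert.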
The Facebook Friend Suggestions security scare
May 14, 2010 by admin
Filed under Security News
Warnings are being posted all across Facebook suggesting that users who have received multiple friend suggestions are really infected with a computer virus.
A typical version of the warning reads as follows:
VIRUS WARNING: ANYONE WHO HAS GOTTEN A TON OF FRIEND SUGGESTIONS BE CAREFUL! IT IS A VIRUS! IF YOU ACCEPT THEM THEN YOUR ACCOUNT WILL SEND OUT ABOUT 85 TO SOMEONE ELSE!!! WARN YOUR FRIENDS NOW! This is a new virus that is sending requests to spread. DO NOT ACCEPT FRIEND SUGGESTIONS AT THE MOMENT!

The reality, however, is somewhat different. Most importantly, seeing more Friend Suggestions than usual is not a sign of a computer virus infection.
Instead, it appears that Friend Suggestions on Facebook now go to both parties, rather than only to the one person you specifically suggested should take up your suggestion of a new online connection.
So, imagine you are Tom, and you think that your friend Dick should become Facebook friends with Harry. You visit Dick’s Facebook profile, scroll down to where it says “Suggest friends for Dick” and choose Harry’s name.
Your suggestion that Dick should become friends with Harry doesn’t just go to Dick, but it will also now go to Harry as well. Presumably Facebook has made this change in order to encourage more users to interconnect.
But there’s more.
As Facebook reveals on its help pages about Friend Suggestions, Facebook can also suggest possible friends for you to connect with.
It does this by automatically examining “the networks that you are a part of, mutual friends, work and education information, contacts imported using the Friend Finder, and many other factors.”
Aside from the mysteriously ambiguous “many other factors”, the thing I find concerning there is the reference to Friend Finder.
What Facebook means is that they can suggest friends based upon email addresses that you may have imported into Facebook from your email account address book, perhaps when you first set up your account.

What many people may not realise is that even if you didn’t add everyone you imported from your address book as a Facebook friend, Facebook can still use those contacts imported from Outlook, Gmail, Hotmail, Yahoo, etc, in order to make future recommendations.
Therefore, Facebook may also see your email address in other people’s contact lists, and determine relationships based upon that.
If this bothers you (and I can perfectly understand why it would), then Facebook says you can tell it to remove the contacts from its suggestions system. Of course, it might have been better if you hadn’t offered up your address book to Facebook in the first place.
Facebook also says that you can change your privacy settings to prevent your profile from being visible to everyone as a potential friend suggestion.
More information about Facebook’s Friend Suggestions system can be read online here.
No doubt most of the souls forwarding and reposting this latest Facebook security scare to their profiles are oblivious to all these fine details, however, and are still believing that a virus is behind the suggestion messages that they are viewing.
Of course, it should still go without saying, that whether you receive a friend request or a friend suggestion, you should exercise caution about who you befriend on a social network – as it could be a cybercriminal rather than a long lost chum who is trying to access your profile.
Oh, and don’t forget. If you’re on Facebook you might want to become a Fan of Sophos on Facebook to ensure you are kept up-to-date with the latest security news.
By Graham Cluley, Sophos
Facebook disables chat after security hole discovered
May 6, 2010 by admin
Filed under Security News
Facebook has taken down its instant messaging-style system, which allows members to chat with each other in real time, after claims that the system suffers from a serious security problem.
According to a report by TechCrunch, a security flaw allows your Facebook friends to secretly spy on your private live chats as well as see any pending friend requests that you have made.

In the past Facebook has insisted that privacy is its “highest priority”, but there is growing concern that the site has played fast and loose with the personal information of its 400 million users, encouraging them to share too much private data online and changing privacy settings to be more “open”.
A video has been posted on YouTube which allegedly demonstrates the security hole:
The news that Facebook has disabled its chat system suggests that they are working on fixing the security problem. Hopefully it will be resolved quickly.
But even if this security issue is fixed promptly there are other security issues on Facebook, as with any other social network, that need to be considered if you plan on continuing to use the site. Make sure you read our guidelines for better security and privacy on Facebook.
Oh, and you might want to become a Fan of Sophos on Facebook too to ensure you are kept up-to-date with the latest security news.
by Graham Cluley, Sophos
The Hacker Door Facebook security scare
May 5, 2010 by admin
Filed under Security News
A warning being sent across Facebook is scaring users into believing that their accounts have been hacked.
Here is a typical example of a warning message:
To all of my friends: COPY & PASTE: New problem found.... Hacker in door in our friends list!....We are now listed as friends of ourselves! You need to delete yourself from your friends list to close the door to hackers. To do this ... Go to Account, go to edit friends, there search for your name on the list and click the X to get your name removed.
The problem with this warning is that it’s complete poppycock, and causing some users to panic that they could have been hacked.

Yes, there is a bug that means that when you search through your Facebook friends list, you yourself show up as one of your friends. And yes, even if you try to “delete” yourself as a friend you’ll pop up again when you refresh the webpage.
But this is not evidence that your account has been compromised, and if you forward this warning to your Facebook friends and acquaintances you are only helping to perpetuate the hoax.
We saw a similar hoax spreading across Facebook earlier this year in what we called the “Automation Labs” security scare.
In summary, the “Hacker Door” scare is not something to worry about, and you should always check your facts before forwarding security warnings like this to your friends and colleagues.
However, there are real security issues on Facebook, as with any other social network. Make sure you read our guidelines for better security and privacy on Facebook.
Oh, and you might want to become a Fan of Sophos on Facebook too!
By Graham Cluley, Sophos
Facebook privacy given a poor scorecard by WhatApp project
April 21, 2010 by admin
Filed under Security News
Facebook has been rated lower than its social networking competitors Twitter and MySpace for privacy and security, according to a study from Stanford University.
According to a report in Forbes, the WhatApp website has rated the security and privacy of Facebook as being lower than that of the Apple iPhone, Twitter and MySpace.
| Service | Privacy | Security |
|---|---|---|
| Facebook | 2/5 | 2/5 |
| Twitter | 3/5 | 3/5 |
| MySpace | 3/5 | 3/5 |
| iPhone | 3/5 | 3/5 |

WhatApp, which was co-created by Stanford University Law fellow Ryan Calo, describes itself as “an online resource where experts and other users can assess, discuss, and rate the privacy and security of mobile and Internet-enabled applications. Now in Beta, the website combines traditional consumer reporting and review tools with wikis and news feeds to allow users to make informed choices about the applications they download.”
Calo told Forbes that he believed Facebook users are concerned about the amount of information applications can access: “I think people are upset because when you download an app, you don’t have any control over what the app developer sees on your profile. There’s the perception among users that they don’t need to give away so much information to have the apps do the same thing as they are currently doing.”
However, I think we would be rash to take WhatApp’s scorecard for Facebook at err.. face value. It’s important to note that the WhatApp site’s goal is primarily to look at specific applications, and that the results publicised by Forbes are extrapolated from those individual application scores to give an overall score for how well Facebook as a whole is faring. (I’ve been contacted by Oliver Chiang, the author of the Forbes article, who tells me that WhatApp do rate platforms such as Facebook separately from the apps, so it’s not an aggregation. Sorry about that).
What isn’t clear is how well we can verify Calo’s credentials as an expert, and it’s also not shown how many of the site’s “verified” experts contributed to the scores that have been published so far. Nevertheless, Facebook won’t be best pleased to see itself ranked poorly against its competitors.
Facebook security and privacy are very real concerns, of course, and this debate is likely to run and run. Many of us may well have good reason to long for the days of 2006, when Facebook privacy was a much simpler thing:
"No personal information that you submit to Facebook will be available to any user of the Web Site who does not belong to at least one of the groups specified by you in your privacy settings."

It’s very simple – all I want is to have control over who can see my personal information on Facebook.
But it seems that more and more Facebook is preventing me from achieving that seemingly simple aim.
By Graham Cluley, Sophos
New password-stealing virus targets Facebook
March 18, 2010 by admin
Filed under Security News
Hackers have flooded the Internet with virus-tainted spam that targets Facebook’s estimated 400 million users in an effort to steal banking passwords and gather other sensitive information.
The emails tell recipients that the passwords on their Facebook accounts have been reset, urging them to click on an attachment to obtain new login credentials, according to anti-virus software maker McAfee Inc.
If the attachment is opened, it downloads several types of malicious software, including a program that steals passwords, McAfee said on Wednesday.
Hackers have long targeted Facebook users, sending them tainted messages via the social networking company’s own internal email system. With this new attack, they are using regular Internet email to spread their malicious software.
A Facebook spokesman said the company could not comment on the specific case, but pointed to a status update the company posted on its web site earlier on Wednesday warning users about the spoofed email and advising users to delete the email and to warn their friends.
McAfee estimates that hackers have sent out tens of millions of spam emails across Europe, the United States and Asia since the campaign began on Tuesday.
Dave Marcus, McAfee’s director of malware research and communications, said that he expects the hackers will succeed in infecting millions of computers.
“With Facebook as your lure, you potentially have 400 million people that can click on the attachment. If you get 10 percent success, that’s 40 million,” he said.
The email’s subject line says “Facebook password reset confirmation customer support,” according to Marcus.
(Additional reporting by Alexei Oreskovic; Editing by Bernard Orr)
Source : uk.news.yahoo.com
Twitter fights back against spam, phishing, and other malicious links
March 11, 2010 by admin
Filed under Security News
In a move that should be welcomed by many users, Twitter has announced that it is introducing a new feature to combat the many malicious and malware URLs that are distributed via the micro-blogging site.
In a blog entry posted by Del Harvey, Twitter’s Director of Trust and Safety, it was revealed that the site will start using its own URL shortener (twt.tl) for Twitter messages sent privately between two users via a direct message (DM), giving it the opportunity to “detect, intercept, and prevent the spread of bad links across all of Twitter”.
As Sophos’s Chet Wisniewski told DarkReading, the new http://twt.tl shortened URL appears to be invoked only in email notifications for direct messages at this time.
Details of how Twitter is determining if a link is potentially malicious or not do not appear to have been released at this time, and it would certainly be great if Twitter would post some more information on how the system will work and what users can expect to see.
It’s also to be hoped that this new service will be rolled out to other areas of Twitter too. We’ve seen many times in the past that phishing and spam attacks on Twitter don’t tend to restrict themselves purely to DMs, but will also often be found in the public timeline too, as the following YouTube video demonstrates:
(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)
The problem of dangerous links being distributed via Twitter has been growing for some time, with some 70% of people polled by Sophos reporting that they have been on the receiving end of spam and malware attacks via social networks in the last year.
The news of Twitter’s new twt.tl short URL facility follows a few months after bit.ly announced that it would protect users against visiting webpages that may contain a malware, spam or phishing threat, using technology from security vendors such as Sophos.
* Image source: wonderferret’s Flickr photostream (Creative Commons)
By Graham Cluley, Sophos