Bitdefender Safego The New Social Network Protection

July 24, 2011 by  
Filed under Protection Tools

Posts on your wall, comments from friends, status updates. These are the tools that help you build your online social interactions. But don’t forget that your online social life relies on a crucial ingredient: your friends’ trust in you. So why let infected links, spam or deftly crafted scams step in and spoil your fun? After all, we’ve all had enough of the “see who viewed your profile” tricks and of its countless siblings.


Using in-the-cloud scanning, Bitdefender Safego protects your social network account from all sorts of e-trouble: scams, spam, malware and private data exposure. But, most importantly, Safego keeps your online friends safe and …close.



To install the app Click Here

New password from Facebook? Beware widely spread malware attack

November 19, 2010 by  
Filed under Security News

Malicious hackers have spammed out an attack that pretends to be an email from Facebook support saying that your password has been changed.


The messages, which have a variety of subject lines including “Facebook Service. A new password is sent you”, “Facebook Support. Your password has been changed” and “Facebook Service. Your account is blocked”, have a ZIP file attached which carries a Trojan horse.


New password from Facebook?

Good afternoon.


A spam is sent from your Facebook account.
Your password has been changed for safety.


Information regarding your account and a new password is attached to the letter.
Read this information thoroughly and change the password to complicated one.


Thank you for your attention,
Facebook Service.


Sophos products detect the attached ZIP file as Mal/BredoZp-B, and the Trojan horse contained within as Troj/Agent-PLG.


It’s possible that the attackers are attempting to exploit the problems many female Facebook users had this week when the social network disabled many accounts by accident.


Don’t forget – you should always be extremely suspicious of any unsolicited email which arrives out of the blue, encouraging you to open an attachment.


By Graham


Want to see who has viewed your Facebook profile? Take care..

July 26, 2010 by  
Filed under Security News

I’m increasingly being asked by folks on Facebook if it’s possible to tell who has been viewing their Facebook profile. A number have been attracted to webpages and Facebook applications that claim to be able to give you a secret insight into who is spying on your profile.


Well, if you’re one of those people who are curious about who might be watching you online, take care.


Right now we’re seeing a significant number of Facebook users posting messages such as:

OMG OMG OMG... I can't believe this actually works! Now you really can see who views your profile!!! WOAH


See who views your Facebook profile in real-time!!!

See who views your profile


However, like the “Justin Bieber cell phone number” scam and the “This mother went to jail for taking this pic of her son!” scam, the links pointed to in your friends’ status updates are not to be trusted.


If you make the mistake of clicking on the link to one of these pages offering to tell you who is viewing your Facebook profile, you will find that the people behind the “services” want you to do a few things first.


See who has viewed your profile scam page

For instance, they’ll ask you to “Like” their pages (which means you are spreading the link to friends in your social network), and they will ask you to advertise their site by posting an “OMG” message (with a link) to at least five different places on Facebook.


After all that hard work you would hope that they would give you access to the powerful Profile Spy app wouldn’t you? But I’m afraid your luck is out.


They’ll next ask you to hand over your personal information by taking numerous surveys – before ultimately trying to trick you into handing over your cellphone number which they’ll sign up to an expensive premium rate service.


See who has viewed your profile scam page


Remember, this scam doesn’t work as the result of clickjacking, or a vulnerability on Facebook. The scammers are achieving their ends because of human gullibility – pure and simple. If people considered what they were doing and thought twice about the possible consequences then we would see nothing like as many of these attacks occurring, and our news feeds on Facebook would see less spam.



Read More…


Malware Sales Through Social Networks

June 30, 2010 by  
Filed under Security News

Social media has affected business organizations in many different ways through the years and these effects caused the development of a rather complicated relationship between the two.


Social media has proven to be an effective marketing tool for businesses. Data collected last year from Fortune’s Global 100 revealed that more than 50 percent of the said companies have Twitter, Facebook, and YouTube accounts. On the other hand, social media tools such as social networks have been reported to affect office productivity and also serve as popular media for online threats.


In the same way that businesses use social media, cybercriminals do as well. Just recently, we saw an advertisement for fake point-of-sale (POS) devices in an underground forum where the seller offered a fake POS device for 1,000 EUR.


This time, we found an advertisement for a malicious tool, in a more “mainstream” channel.


Click for larger view




The YouTube video above is actually an advertisement for a distributed denial-of-service (DDoS) tool. A screenshot of the tool is shown on the video while features and other details such as the price and the URL where to purchase the tool are indicated in the details. (It has since been taken down by YouTube.)


Notably, the video had more than 600 views. Though the number is relatively small, one can’t help but wonder how many of those viewers were enticed enough to visit the given site and to purchase the tool. After all, it’s only US$15.


The said post is just one of the many malware ads in social networks. If anything, the above-mentioned advertisement only goes to show that cybercriminals are using social networks the same way legitimate businesses do to gain “customers” even if the customers in question are other cybercriminals.


For best practices to follow in managing a social network account, you can check our white paper, “Security Guide to Social Networks.”




Don’t click on ‘Paramore n-a-k-ed photo leaked!’ Facebook link

June 5, 2010 by  
Filed under Security News

Updated Many Facebook users are being hit by further clickjacking attacks today, taking advantage of the social network’s “Like” facility.


The latest lure is a link which claims to point to a website containing a naked photo of Hayley Williams, the lead singer of the American rock band Paramore.


Affected profiles can be identified by seeing that the Facebook user has apparently “liked” a link:

Paramore n-a-k-ed photo leaked!

Paramore n-a-k-ed photo leaked! malicious message


The fact that 21-year-old Hayley Williams has recently been the subject of much internet interest after a topless photo of her was leaked online, is only likely to fuel interest in the naked pictures promised by these links. But take care, because all may not be what it seems.


Clicking on the links takes Facebook users to a third-party website which displays a message saying:

Click here to continue if you are 18 years of age or above

Paramore naked photo age check

What the hackers have actually done is very sneaky. They have hidden an invisible button under your mouse, so wherever you click on the website your mouse-press is hijacked. As a consequence, when you click with the mouse you’re also secretly clicking on a button which tells Facebook that you ‘like’ the webpage. This then gets published on your own Facebook page, and shared with your online friends, resulting in the link spreading virally.


Attacks like this can spread very very fast. Judging by the number of messages I’ve seen, thousands have already found it impossible to resist the idea of seeing the lead singer of Paramore naked and have fallen head-first into the “likejacking” trap.


This use of a clickjacking exploit to publish the same message (via an invisible iFrame) to the visiting user’s own Facebook page works in a similar fashion to the clickjacking attacks we saw earlier this week.


Read More…

Try not to laugh xD: Worm spreads via Facebook status messages

May 21, 2010 by  
Filed under Security News

A clickjacking worm spread quickly across Facebook earlier today, tricking users into posting it to their status updates.

Try not to laugh attack

The worm, which some have dubbed Fbhole because of the domain it points to, posts a message like the following:

try not to laugh xD<random number>


Clicking on the link would display a fake error message that would trick you – through a clickjacking exploit – to invisibly push a button that would publish the same message to your own Facebook status update. We’ve seen clickjacking exploited by hackers before in attacks on social networks, for instance in the “Don’t click” attack seen on Twitter in early 2009.


READ MORE…. and see the video



The Facebook Friend Suggestions security scare

May 14, 2010 by  
Filed under Security News

Warnings are being posted all across Facebook suggesting that users who have received multiple friend suggestions are really infected with a computer virus.


A typical version of the warning reads as follows:


Facebook friend suggestions security scare

The reality, however, is somewhat different. Most importantly, the behaviour and sightings of more than the usual number of Friend Suggestions are not a sign of a computer virus infection.


Instead, it appears that Friend Suggestions on Facebook now go to both parties, rather than just the one you specifically suggests takes up your suggestion of a new online connection.


So, imagine you are Tom, and you think that your friend Dick should become Facebook friends with Harry. You visit Dick’s Facebook profile, scroll down to where it says “Suggest friends for Dick” and choose Harry’s name.

Your suggestion that Dick should become friends with Harry doesn’t just go to Dick, but it will also now go to Harry as well. Presumably Facebook has made this change in order to encourage more users to interconnect.


But there’s more.


As Facebook reveals on its help pages about Friend Suggestions, Facebook can alsosuggest possible friends for you to connect with.


It does this by automatically examining “the networks that you are a part of, mutual friends, work and education information, contacts imported using the Friend Finder, and many other factors.”


Aside from the mysteriously ambiguous “many other factors”, the thing I find concerning there is the reference to Friend Finder.


What Facebook means is that they can suggest friends based upon email addresses that you may have imported into Facebook from your email account address book, perhaps when you first set up your account.


Facebook Friend Finder

What many people may not realise is that even if you didn’t add everyone you imported from your address book as a Facebook friend, Facebook can still use those contacts imported from Outlook, Gmail, Hotmail, Yahoo, etc, in order to make future recommendations.


Therefore, Facebook may also see your email address in other people’s contact lists, and determine relationships based upon that.


If this bothers you (and I can perfectly understand why it would), then Facebook says you can tell it to remove the contacts from its suggestions system. Of course, it might have been better if you hadn’t offered up your address book to Facebook in the first place..


Facebook also says that you can change your privacy settings to prevent your profile from being visible to everyone as a potential friend suggestion.


More information about Facebook’s Friend Suggestions system can be read online here.


No doubt most of the souls forwarding and reposting this latest Facebook security scare to their profiles are oblivious to all these fine details, however, and are still believing that a virus is behind the suggestion messages that they are viewing.


Of course, it should still go without saying, that whether you receive a friend request or a friend suggestion, you should exercise caution about who you befriend on a social network – as it could be a cybercriminal rather than a long lost chum who is trying to access your profile.


Oh, and don’t forget. If you’re on Facebook you might want to become a Fan of Sophos on Facebook to ensure you are kept up-to-date with the latest security news.



By Graham Cluley, Sophos


Facebook disables chat after security hole discovered

May 6, 2010 by  
Filed under Security News

Facebook has taken down its instant messaging-style system which allows members to chat real-time with each other after claims that the system suffers from a serious security problem.


According to a report by TechCrunch, a security flaw allows your Facebook friends to secretly spy on your private live chats as well as any see any pending friend requests that you have made.


Facebook chat disabled

In the past Facebook has insisted that privacy is its “highest priority”, but there isgrowing concern that the site has played fast and loose with the personal information of its 400 million users, encouraging them to share too much private data online and changing privacy settings to be more “open”.


A video has been posted on YouTube which allegedly demonstrates the security hole:


The news that Facebook has disabled its chat system suggests that they are working on fixing the security problem. Hopefully it will be resolved quickly.


But even if this security issue is fixed promptly there are other security issues on Facebook, as with any other social network, that need to be considered if you plan on continuing to use the site. Make sure you read our guidelines for better security and privacy on Facebook.


Oh, and you might want to become a Fan of Sophos on Facebook too to ensure you are kept up-to-date with the latest security news.


by Graham Cluley, Sophos



The Hacker Door Facebook security scare

May 5, 2010 by  
Filed under Security News

A warning being sent across Facebook is scaring users into believing that their accounts have been hacked.


Here is a typical example of a warning message:

To all of my friends: COPY & PASTE: New problem found.... Hacker in door in our friends list!....We are now listed as friends of ourselves! You need to delete yourself from your friends list to close the door to hackers. To do this ... Go to Account, go to edit friends, there search for your name on the list and click the X to get your name removed.


The problem with this warning is that it’s complete poppycock, and causing some users to panic that they could have been hacked.


Facebook hacker concern

Yes, there is a bug that means that when you search through your Facebook friends list, you show up yourself as one of your friends. And yes, even if you try and “delete” yourself as a friend you’ll pop up again when you refresh the webpage.


But this is not evidence that your account has been compromised, and if you forward this warning to your Facebook friends and acquaintances you are only helping to perpetuate the hoax.


We saw a similar hoax spreading across Facebook earlier this year in what we called the “Automation Labs” security scare.


In summary, the “Hacker Door” scare is not something to worry about, and you should always check your facts before forwarding security warnings like this to your friends and colleagues.


However, there are real security issues on Facebook, as with any other social network. Make sure you read our guidelines for better security and privacy on Facebook.


Oh, and you might want to become a Fan of Sophos on Facebook too!


By Graham Cluley, Sophos



Facebook privacy given a poor scorecard by WhatApp project

April 21, 2010 by  
Filed under Security News

Facebook has been rated lower than its social networking competitors Twitter and MySpace for privacy and security, according to a study from Stanford University.


According to a report in Forbes, the WhatApp website has rated the security and privacy of Facebook as being lower than that of the Apple iPhone, Twitter and MySpace.



Facebook and Twitter rating

WhatApp, which was co-created by Stanford University Law fellow Ryan Calo, describes itself as “an online resource where experts and other users can assess, discuss, and rate the privacy and security of mobile and Internet-enabled applications. Now in Beta, the website combines traditional consumer reporting and review tools with wikis and news feeds to allow users to make informed choices about the applications they download.”


Calo told Forbes that he believed Facebook users are concerned about the amount of information applications can access: “I think people are upset because when you download an app, you don’t have any control over what the app developer sees on your profile. There’s the perception among users that they don’t need to give away so much information to have the apps do the same thing as they are currently doing.”


However, I think we would be rash to take WhatApp’s scorecard for Facebook at err.. face value. It’s important to note that the WhatApp site’s goal is primarily to look at specific applications, and that the results publicised by Forbes are extrapolated from those individual application scores to give an overall score for how well Facebook as a whole is faring. (I’ve been contacted by Oliver Chiang, the author of the Forbes article, who tells me that WhatApp do rate platforms such as Facebook separately from the apps, so it’s not an aggregation. Sorry about that).


What isn’t clear is how well can we verify Carlo’s credentials as an expert, and it’s also not shown how many of the site’s “verified” experts contributed to the scores that have been published so far. Nevertheless, Facebook won’t be best pleased to see it ranked poorly against its competitors.


Facebook security and privacy are very real concerns, of course, and this debate is likely to run and run. Many of us may well have good reason to long for the days of 2006, when Facebook privacy was a much simpler thing:

"No personal information that you submit to Facebook will be available to any user of the Web Site who does not belong to at least one of the groups specified by you in your privacy settings."

Facebook privacy policy, circa 2006

It’s very simple – all I want is to have control over who can see my personal information on Facebook.

But it seems that more and more Facebook is preventing me from achieving that seemingly simple aim.


By Graham Cluley, Sophos



Next Page »