Endpoint Protection

View Only

Back to discussions

Expand all | Collapse all

Error

Jump to Best Answer

1. Error

0 Recommend
Migration User
Posted Feb 16, 2013 04:05 AM

Reply Reply Privately
Hello,

Means this Error "[SID 25821] web attack facebook fake survey 3 detected"
2. RE: Error

0 Recommend
Migration User
Posted Feb 16, 2013 04:13 AM

Reply Reply Privately
HI,

Check this artical

Web Attack: Facebook Fake Survey 3

http://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=25821

Check this blog

Social Scams
https://www-secure.symantec.com/connect/blogs/social-scams

Here's a direct link to that white paper:

http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/scams_and_spam_to_

Check this thread

http://www.symantec.com/connect/forums/web-attack-facebook-fake-survey-3
3. RE: Error

0 Recommend
Migration User
Posted Feb 16, 2013 04:21 AM

Reply Reply Privately
I will check attach URL and update you.
4. RE: Error

0 Recommend
ℬrίαη
Posted Feb 16, 2013 05:43 AM

Reply Reply Privately
It means your IPS has blocked an attack attempt. It should be doing its job. If you open your security log, more info will be there
5. RE: Error
Best Answer

0 Recommend
Trusted Advisor

Mithun Sanghavi
Posted Feb 18, 2013 05:21 AM

Reply Reply Privately
Hello,

Web Attack: Facebook Fake Survey 3 exploits Microsoft Internet Explorer CVE-2012-1876 Col Element Remote Code Execution Vulnerability

http://www.securityfocus.com/bid/53848/info

I would recommend you to -

1) Make sure ALL Computers are installed with Symantec EP with latest / updated with virus defintions.

2) Install ALL Latest Microsoft Secuirty Patches / Sevice Packs on ALL machines.

3) Make sure ALL the client machines are using the Latest Vendor Patches installed.

If the IPS signture indicates that the malicious traffic was safely blocked and your computers are fully patched, then you should be OK. Definitely do keep your defences up and stay aware. Social networking is great, but as with most things there are scams and dangers. Her is some good reading from Symantec and Facebook security teams:

Social Scams

https://www-secure.symantec.com/connect/blogs/social-scams

Phishers' Fake Security App for Facebook

https://www-secure.symantec.com/connect/blogs/phishers-fake-security-app-facebook

Here's a direct link to that whitepaper:

http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/scams_and_spam_to_av

Hope that helps!!
6. RE: Error

0 Recommend
Migration User
Posted Feb 21, 2013 06:28 AM

Reply Reply Privately
Hi

Please confirm that systems are patched with required microsoft patches and latest definitions update.

Regards
7. RE: Error

0 Recommend
Migration User
Posted Feb 21, 2013 07:13 AM

Reply Reply Privately
Hi Kiran,

Go through the Link below and you will understand what it is and why it is important to be blocked.

http://www.symantec.com/business/support/index?page=content&id=TECH152794&actp=search&viewlocale=en_US&searchid=1361448673908

Endpoint Protection

Error

Migration UserFeb 16, 2013 04:05 AM

Migration UserFeb 16, 2013 04:13 AM

Migration UserFeb 16, 2013 04:21 AM

ℬrίαηFeb 16, 2013 05:43 AM

Mithun SanghaviFeb 18, 2013 05:21 AMBest Answer

Migration UserFeb 21, 2013 06:28 AM

Migration UserFeb 21, 2013 07:13 AM

1. Error

2. RE: Error

3. RE: Error

4. RE: Error

5. RE: Error Best Answer

6. RE: Error

7. RE: Error

5. RE: Error
Best Answer