Video Screencast Help
Search Video Help Close Back
to help

Security Response

Showing posts tagged with facebook
Showing posts in English
Social Scams - Part 2: How to Clean Up Your Browser and Facebook Timeline
Satnam Narang | 03 Apr 2013 19:36:40 GMT | 0 comments

During recent weeks, I have seen different scams on Facebook attempt to convince users to install Google Chrome extensions. I have noticed some conversations taking place around the scams; people not sure how to get rid of the scammer photos or how to prevent the scams from spreading further. Some users have unfortunately  gone as far as creating new Facebook profiles for themselves. This is not necessary.

If you have been tricked by one of these scams, here is how you can clean up your browser and Facebook timeline:
 

Remove bad browser extensions

If you have installed the Chrome extension for Facebook Black, Profile Spy ("See Your Profile Viewers"), or Free PS4, you will need to uninstall it from your...

Read more
Social Scams - Part 1: Reusing Old Scams to Push Browser Extensions
Satnam Narang | 03 Apr 2013 19:35:53 GMT | 0 comments

Last year, we talked about scams and spam circulating on Facebook in our whitepaper. Social networking scammers often reuse common lures to trick users, such as offering free products or additional features that are not available on their network of choice. What these scammers do differently is find new ways to get more eyeballs to view their specific links. Whether it is likejacking or even convincing users to paste code (an external JavaScript file) into the browser address bar, these scammers are relentless.

Just recently, we published a blog about the Facebook Black scam that has been spreading. While that scam continued to spread, we found two old lures being reused,...

Read more
The New Black: Facebook Black Scam Spreads on Facebook
Satnam Narang | 19 Mar 2013 22:38:57 GMT | 0 comments

Yesterday, Facebook users may have noticed an influx of their friends posting about something called Facebook Black.
 

Figure 1. Facebook photo plugging “Faecbook” Black (notice the typo in this image)
 

Similar to previous scams, users are tagged in a picture that contains a link to an external website. In this case, the link is found within the comments instead of the description field (Figure 1).
 

Figure 2. Iframe is used to redirect the user to the landing...

Read more
Phishers' Fake Security App for Facebook
Mathew Maniyara | 14 Dec 2012 23:10:35 GMT | 0 comments

Contributor: Avdhoot Patil

Fake social media applications in phishing sites are not uncommon. Phishers continue to devise new fake apps for the purpose of harvesting confidential information. In December 2012, a phishing site (spoofing Facebook) claimed to have an application to secure Facebook accounts from being hacked. The phishing site was hosted on a free Web-hosting site.

The phishing site required users to enter their Facebook login credentials to gain access to the fake security app. In addition to their Facebook login credentials, users must enter a confirmation code generated by clicking a button. Phishers likely believe asking users to enter a confirmation code and stating that it is certified while displaying a fake Facebook stock certificate will make this fake app page seem more authentic. Still, it is hard to understand how a sample stock certificate has any relevance to security on Facebook.
 

...

Read more
419 Scammers Take Advantage of the Facebook IPO
Nick Johnston | 18 May 2012 14:21:44 GMT | 0 comments

Today sees the highly-anticipated IPO (Initial Public Offering) of the social-networking site Facebook. The IPO is expected to be several times oversubscribed as the demand for shares greatly exceeds the number of shares being issued.

The high-profile nature of this IPO has not escaped the attention of the “419” or the “advance fee fraud” scammers. As a brief reminder, these scams typically promise vast sums of money in exchange for assistance. However, before said sums of money can be received, several increasingly-inventive up-front charges and fees must be paid. The fees keep coming and the promised money never materializes.

We recently spotted a 419 scam message offering a "FACEBOOK (IPO) SUBSCRIPTION PARTNERSHIP PROPOSAL". The use of an all uppercase heading is a common hallmark of such 419 scams.

The scam claims to be sent from a finance firm with offices in multiple locations around the world. The exact nature of the...

Read more
Social Scams
Kevin Haley | 25 Apr 2012 18:19:22 GMT | 0 comments

It was the best of posts, it was the worst of posts. My apologies to Charles Dickens, but it seems to be the best way to describe two themes I see on Facebook wall posts these days. Let me show you some of the worst ones first:

Yes; these are scams. Posted as legitimate messaging on Facebook user’s walls by bad guys. Blaming Facebook for scams is a little like blaming Al Gore for malware on the Internet. Even if Mr. Gore did invent the Internet, he certainly didn’t invite all those malware authors to join up. I addressed the attraction of Facebook to bad guys some time ago. Here’s the short version: malware authors target people, not computers. Lots of people are on Facebook; malware authors follow.

It all seems like bad news, doesn’t...

Read more
Phishers Dislike Facebook Timeline
Mathew Maniyara | 08 Mar 2012 23:50:37 GMT | 0 comments

Co-Author: Ayub Khan

Phishers regularly introduce new types of fake applications with the motive of improving their chance to harvest user credentials. In February 2012, Symantec observed a phishing site recommending a fake application that allegedly removes “Timeline” profile for Facebook users. The phishing site was hosted on a free web hosting site.

The phishing site embedded the Facebook Timeline promotion video from YouTube, with the claim “Remove Timeline Now”. According to this phishing site, users will have their “Timeline” removed from their Facebook profile and get back their old profile page—only after they enter their login credentials. To make the fake application look more authentic, phishers added that it was protected by an antivirus product with the logo of the antivirus brand placed...

Read more
iPad 3 Spam
Sean Butler | 24 Jan 2012 02:38:43 GMT | 0 comments

Recently, I came across a scam email that is trying to take advantage of the hype surrounding the yet-to-be-released iPad 3. The release date of the iPad 3 is still unknown but spammers are already jumping on the bandwagon in the hope of scamming people who will be eager to get their hands on one of these devices.

The scammers introduce themselves as Mark Zuckerberg, the CEO of Facebook. The email then states how Facebook have joined up with Apple for a one time promotion – to give away an iPad 3 at no cost. This is, of course, all false information but the scam attempts to entice potential victims by stating how they have been randomly selected from a Facebook database. It is possible that a user could potentially be deceived by this ruse if they receive this email to the email address they have used to register with Facebook.

The user is then asked to click on a link and fill out a survey. The goal of the scammers here is to obtain personal information from...

Read more
Fake Browser Plug-in—A New Vehicle for Scammers
Hardik Suri | 17 Jan 2012 15:53:09 GMT | 0 comments

Facebook scams have become a common propagation vector for scammers to earn commissions. But once in a while, something interesting happens that makes security researchers sit up and take notice. One such case is a scam that is currently fooling victims into downloading a fake browser plug-in.  The scenario is very simple: the victim is lured into watching some video; but instead of asking the victim to share/like the video, (which we have seen in many scams) the scammers present the victim with a fake plug-in download image, which is required to see the video. One such case is described below.

The fake screen is nothing but an image that has been loaded from another site through an iframe. The iframe that loads the fake contents can be seen below:

Upon visiting the iframe-loaded site we are presented with...

Read more
Fake Offers For Mobile Airtime Haunts Indian Users
Mathew Maniyara | 20 Dec 2011 02:17:51 GMT | 0 comments

Co-Author: Avdhoot Patil

Symantec is familiar with phishing sites which promote fake offers for mobile airtime. In December, 2011, the phishing sites which utilized these fake offers as bait have returned. The phishing sites were hosted with free web hosting.

When end users enter the phishing site, they receive a pop up message stating they can obtain a free recharge of Rs. 100:

Upon closing the pop up message, users would arrive at a phishing page which spoofs the Facebook login page. The contents of the page would be altered to make it look as though the social networking site was giving away free mobile airtime. A list of 12 popular mobile phone services from India would be displayed with their brand logos. Once the page completes...

Read more