Video Screencast Help
Security Response
Showing posts tagged with facebook
Showing posts in English
Mathew Maniyara | 03 Jan 2011 22:52:13 GMT

Facebook has gained a lot of popularity in Indonesia. The country is ranked third in the most number of Facebook users. With more end users in Indonesia, phishers seemed to have gained interest in creating phishing sites that target them. Recently, Symantec observed an adult scam spoofing Facebook that targeted Indonesian end users. The phishing Web site was hosted on a free Web hosting site.

The phishing site stated that an application in which end users can view adult videos of popular Indonesian celebrities was available. It was claimed that the videos were taken from hidden cameras in hotel rooms. Users were prompted to enter their login information to gain access to the fake application. To make it look more convincing, it was claimed that the application was from Facebook’s service team. The phishing page displayed a slide show of pornographic images of Indonesian celebrities. The...

Stephen Doherty | 21 Dec 2010 12:46:38 GMT

Following my recent blog on W32.Yimfoca.B, it was clear that W32.Yimfoca also received a facelift (no pun intended). W32.Yimfoca.B spreads through instant messaging applications and once installed will download and install W32.Yimfoca. The latest version of W32.Yimfoca is targeting Facebook users by prompting them to filling out surveys in return for access to their accounts. 

On visiting Facebook, users are prompted with an overlay message, asking them to fill in a survey before gaining access to the site. The message reads:
Complete one of these surveys to gain access this page. Otherwise you will not have access to this page.
Candid Wueest | 25 Nov 2010 04:54:13 GMT

We all know spam can be really annoying, and this does not only apply to email messages. Although, with more than 90% of all email being spam, it sure is the biggest piece of cake.

Unfortunately, we have seen that spammers are adapting to all kinds of different platforms, as long as they offer a way of sending messages. Of course, social networks have not been left out by the spammers, since this adds millions of potential spam victims.

There are a lot of different ways that people can interact on social networks and therefore there are also a variety of spam attacks seen. One specific kind of spam that we see is event spam. This method has been around for a few years, but it is still actively used by spammers.

One example is Facebook, which allows its users to create and promote individual events. For this, they can create entries with text, images, and links and send invitations to all of their friends. Well, actually to even more people, because you can also...

Candid Wueest | 21 Oct 2010 21:06:15 GMT

According to a recent article in the Wall Street Journal, many of the popular Facebook applications—such as social games—record the Facebook user ID and share them with third-party companies. This issue obviously affects millions of Facebook users who regularly use Facebook applications.

The applications’ behavior is clearly against the Facebook rules for application designers, but unfortunately there is no good way to enforce the policies, since the information is transmitted to remote servers in order for the application to process it. If the application stores a user ID, together with a usage profile for later analysis, it is completely outside of the reach of Facebook. Basically, once the application receives the information, they can control and decide what they want to do with it. Earlier today, Facebook posted a...

Candid Wueest | 28 Sep 2010 12:08:42 GMT

Facebook now has over 500 million registered users, which makes this social network (like many other social networks) a very attractive “fishing pool” for attackers. There are so many potential victims that could easily fall for any of the scattered bait. So, it does not come as a surprise that we see another scam campaign launched nearly every week.

Currently, one of the ongoing scams is referring to a guy that apparently took revenge on his ex-girlfriend. The enticing message that has appeared on many profile pages is similar to the following:

“OMG This GUY Went A Little To Far WITH His Revenge On His EX Girlfriend”

Even though it might appear that one of your friends has shared this link, he or she most likely did not do it knowingly. This is because whenever someone follows one of these malicious links, he or she...

Mathew Maniyara | 09 Aug 2010 21:10:48 GMT

In August 2010, Symantec observed a phishing website that targeted Facebook login credentials, which claimed to provide security to Facebook users. The page was not imitating the legitimate Facebook website, but appeared to be an alternate website that provided this facility. The phishing site was titled as a “Security and Privacy Update” website. The page stated that Facebook users were vulnerable to threats such as spam messages or hackers that could cause problems with their user profiles. The page further stated that if users confirmed their identity by providing login details, then they would be safe from such threats. On the contrary, if a user gave up their login details to the phishing site, the fraudsters would have succeeded and could steal the details for use in future attacks.

A free Web hosting site hosted the phishing site. The words used in the phishing URL gave the...

khaley | 01 Jul 2010 11:56:13 GMT

Despite threats, companies lack policies on social media at work

Nothing has happened to change the mind of IT management in the last several years; social networks remain a major security concern. What has changed is that social media has become more established, and the ability for IT management to block access to social media is less and less likely. According to some survey work we did, there is only a 1 in 20 chance of your company blocking access to social networking sites.

Part of this is no doubt because of the rush by businesses to adopt social networking in their marketing efforts. Companies have started Twitter accounts, created Facebook fan pages, and established a presence in online communities. What’s clear from our survey is that simply having a presence on social networks is good for business. In our survey, 52% of respondents said that a company’s presence on social media positively impacts their opinion of the company. As for keeping...

khaley | 14 May 2010 12:41:18 GMT

Last week I wrote about The Ghosts of Facebook; Facebook accounts whose owner didn’t appear to be a real person (in this case someone named Chong Loris). I got quite a bit of reaction to the blog. Some people registered with real concerns. Others wondered what the fuss was all about. In other words, was I truly shocked that some people are not who they say they are on Facebook?

I must admit I felt a little bit like Claude Rains in Casablanca. At one point in the classic Humphrey Bogart movie he shuts down Rick’s Café, saying he is “Shocked, shocked to find that gambling is going on at this establishment.” At that moment he is interrupted by an employee and given his winnings from the roulette table.

So no, I’m not shocked about phony Facebook accounts. And there are a few scenarios where it’s not a big deal. Certainly a violation of Facebook policy, but not...

khaley | 06 May 2010 22:02:02 GMT

I do not believe that Chong Loris exists. No picture of her appears to exist. A Google search of her name returns no results. She says she’s a student at Jacksonville U. but they have no record of her. She is like a ghost. And yet, she has 562 friends on Facebook.
I’ve asked her to be my friend. I sent a nice invitation to her, but have heard nothing back. No answer. And yet every day she adds more friends. It appears to be a one-way street. She may pick you to be her friend. But don’t ask her. You’ll never hear from her.
Once you become a friend you don’t hear from her either. She posts nothing to her Wall. Isn’t interested in games. Only shares basic information about herself. In fact, some of her friends have become suspicious. One accused her of being a spammer. Shortly after that accusation a picture of her appeared with a caption that said, “It’s me.” Now she’s up to 634 friends...

Joji Hamada | 02 May 2010 10:19:39 GMT

Spam emails such as the one below have been doing the rounds on the Internet hoping to lure recipients into downloading a Facebook toolbar.

If you download the file by clicking on “Download Here”, you'll see a file with the icon shown below:

If you take a closer look at the icon, “darkSector” is shown inside of it.  How strange. Is this actually a Facebook toolbar?  Let’s take a look at the property of the file since the file looks a bit fishy.  In the file properties, you'll see the following in the Details tab.

The details mentioned here are for a program called HijackThis (a security software) provided by Trend Micro. This is even stranger.

Well, the file is...