Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Response
Showing posts tagged with facebook
Showing posts in English
Candid Wueest | 21 Mar 2011 21:41:51 GMT

Not only Facebook is adding new and interesting features to its toolbox; spammers and scammers in Facebook are, too. Currently there is a scam making rounds using a classic “who is viewing your profile” themed bait.

So far - nothing new. After the user grants the application the requested privileges, which of course will send out the above mentioned spam posts to all his or her friends, the user gets redirected to a download instruction site. There he or she is asked to download the Firefox browser and then install a popular Firefox extension which allegedly gets downloaded over 27,000 times per week. This simple tweak should generate a new menu entry in Facebook which would then show user statistics.

Of course this “Facebook Connect” Firefox extension is not found on the official Mozilla...

Candid Wueest | 02 Feb 2011 18:03:39 GMT

It’s nothing new: a Facebook scam message about an application that appears to come from friends, such as something that can show you who has viewed your profile. However, this scam nags the user to fill out surveys  and quietly sends the same message to all his or her friends.

Unfortunately, we see them every day.

Another fake application.

This week, I stumbled across a new level of automation with these scams.

The variations in the bait messages are nothing unusual, a quick message followed by a URL:

·         I've just seen who CREEPS around my pics the most here on Facebook! You can see who stalks you too! http://www.redire[REMOVED]com/stalker

·         I just saw who checks me out the most on Facebook! You can see who stalks you too! http://...

Mathew Maniyara | 03 Jan 2011 22:52:13 GMT

Facebook has gained a lot of popularity in Indonesia. The country is ranked third in the most number of Facebook users. With more end users in Indonesia, phishers seemed to have gained interest in creating phishing sites that target them. Recently, Symantec observed an adult scam spoofing Facebook that targeted Indonesian end users. The phishing Web site was hosted on a free Web hosting site.

The phishing site stated that an application in which end users can view adult videos of popular Indonesian celebrities was available. It was claimed that the videos were taken from hidden cameras in hotel rooms. Users were prompted to enter their login information to gain access to the fake application. To make it look more convincing, it was claimed that the application was from Facebook’s service team. The phishing page displayed a slide show of pornographic images of Indonesian celebrities. The...

Stephen Doherty | 21 Dec 2010 12:46:38 GMT

Following my recent blog on W32.Yimfoca.B, it was clear that W32.Yimfoca also received a facelift (no pun intended). W32.Yimfoca.B spreads through instant messaging applications and once installed will download and install W32.Yimfoca. The latest version of W32.Yimfoca is targeting Facebook users by prompting them to filling out surveys in return for access to their accounts. 

On visiting Facebook, users are prompted with an overlay message, asking them to fill in a survey before gaining access to the site. The message reads:
Complete one of these surveys to gain access this page. Otherwise you will not have access to this page.
Candid Wueest | 25 Nov 2010 04:54:13 GMT

We all know spam can be really annoying, and this does not only apply to email messages. Although, with more than 90% of all email being spam, it sure is the biggest piece of cake.

Unfortunately, we have seen that spammers are adapting to all kinds of different platforms, as long as they offer a way of sending messages. Of course, social networks have not been left out by the spammers, since this adds millions of potential spam victims.

There are a lot of different ways that people can interact on social networks and therefore there are also a variety of spam attacks seen. One specific kind of spam that we see is event spam. This method has been around for a few years, but it is still actively used by spammers.

One example is Facebook, which allows its users to create and promote individual events. For this, they can create entries with text, images, and links and send invitations to all of their friends. Well, actually to even more people, because you can also...

Candid Wueest | 21 Oct 2010 21:06:15 GMT

According to a recent article in the Wall Street Journal, many of the popular Facebook applications—such as social games—record the Facebook user ID and share them with third-party companies. This issue obviously affects millions of Facebook users who regularly use Facebook applications.

The applications’ behavior is clearly against the Facebook rules for application designers, but unfortunately there is no good way to enforce the policies, since the information is transmitted to remote servers in order for the application to process it. If the application stores a user ID, together with a usage profile for later analysis, it is completely outside of the reach of Facebook. Basically, once the application receives the information, they can control and decide what they want to do with it. Earlier today, Facebook posted a...

Candid Wueest | 28 Sep 2010 12:08:42 GMT

Facebook now has over 500 million registered users, which makes this social network (like many other social networks) a very attractive “fishing pool” for attackers. There are so many potential victims that could easily fall for any of the scattered bait. So, it does not come as a surprise that we see another scam campaign launched nearly every week.

Currently, one of the ongoing scams is referring to a guy that apparently took revenge on his ex-girlfriend. The enticing message that has appeared on many profile pages is similar to the following:

“OMG This GUY Went A Little To Far WITH His Revenge On His EX Girlfriend”

Even though it might appear that one of your friends has shared this link, he or she most likely did not do it knowingly. This is because whenever someone follows one of these malicious links, he or she...

Mathew Maniyara | 09 Aug 2010 21:10:48 GMT

In August 2010, Symantec observed a phishing website that targeted Facebook login credentials, which claimed to provide security to Facebook users. The page was not imitating the legitimate Facebook website, but appeared to be an alternate website that provided this facility. The phishing site was titled as a “Security and Privacy Update” website. The page stated that Facebook users were vulnerable to threats such as spam messages or hackers that could cause problems with their user profiles. The page further stated that if users confirmed their identity by providing login details, then they would be safe from such threats. On the contrary, if a user gave up their login details to the phishing site, the fraudsters would have succeeded and could steal the details for use in future attacks.

A free Web hosting site hosted the phishing site. The words used in the phishing URL gave the...

khaley | 01 Jul 2010 11:56:13 GMT

Despite threats, companies lack policies on social media at work

Nothing has happened to change the mind of IT management in the last several years; social networks remain a major security concern. What has changed is that social media has become more established, and the ability for IT management to block access to social media is less and less likely. According to some survey work we did, there is only a 1 in 20 chance of your company blocking access to social networking sites.

Part of this is no doubt because of the rush by businesses to adopt social networking in their marketing efforts. Companies have started Twitter accounts, created Facebook fan pages, and established a presence in online communities. What’s clear from our survey is that simply having a presence on social networks is good for business. In our survey, 52% of respondents said that a company’s presence on social media positively impacts their opinion of the company. As for keeping...

khaley | 14 May 2010 12:41:18 GMT

Last week I wrote about The Ghosts of Facebook; Facebook accounts whose owner didn’t appear to be a real person (in this case someone named Chong Loris). I got quite a bit of reaction to the blog. Some people registered with real concerns. Others wondered what the fuss was all about. In other words, was I truly shocked that some people are not who they say they are on Facebook?

I must admit I felt a little bit like Claude Rains in Casablanca. At one point in the classic Humphrey Bogart movie he shuts down Rick’s Café, saying he is “Shocked, shocked to find that gambling is going on at this establishment.” At that moment he is interrupted by an employee and given his winnings from the roulette table.

So no, I’m not shocked about phony Facebook accounts. And there are a few scenarios where it’s not a big deal. Certainly a violation of Facebook policy, but not...