Search:  

 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » FBI warns of social networking fraud, malware escalation
Search Topic:
Uniqs:
417
Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Security Software Updates - 04 Oct 2009 »
« "How I Keep Clean Without an Antivirus Guarding My System"  
AuthorAll Replies


Smokey Bear
veritas odium parit
Premium
join:2008-03-15
Annie's Pub

FBI warns of social networking fraud, malware escalation

Social networking sites hit with all manner of spam, phishing, malware and general fraud
Networkworld | 10/01/09

Fraudsters are targeting social networking sites with increased frequency and users need to take precautions, the FBI warned.

Just today Roger Thompson, chief of research at AVG Technologies, blogged about an automated rogue spyware attack using Facebook in which hackers create new Facebook pages. "We're seeing rather a lot of these, all from different profiles, but with the same picture and link. Clearly, the Data Snatchers have found a way to automate the creation of Facebook accounts, which means they've found a way to bypass the Facebook Capcha (the image of letters which are required for a new account, which are supposed to ensure that a human is involved)," stated Thompson.

The FBI meanwhile states that fraudsters continue to hijack accounts on social networking sites and spread malicious software by using various techniques. One technique involves the use of spam to promote phishing sites, claiming there has been a violation of the terms of agreement or some other type of issue which needs to be resolved. Other spam entices users to download an application or view a video. Some spam appears to be sent from users' "friends", giving the perception of being legitimate. Once the user responds to the phishing site, downloads the application, or clicks on the video link, their computer, telephone or other digital device becomes infected, the FBI stated.

Another fraudster favorite involves applications advertised on social networking sites, which appear legitimate; however, some of these applications install malicious code or rogue anti-virus software, the FBI stated.

Other malicious software gives the fraudsters access to your profile and personal information. These programs will automatically send messages to your "friends" list, instructing them to download the new application too, the FBI stated.

Symantec's Zulfikar Ramzan wrote in a recent CSO article that there's no question that online social networking continues to rise in popularity due to the numerous conveniences and opportunities it provides. There's also no question that social networking provides phishers with a lot more bait than they used to have. Threats can come from all sorts of avenues within a social networking site. Games, links and notifications are the low-hanging fruit for phishers to use as they lead people into dangerous territory. As society picks up one end of the social networking stick, it finds that it inevitably picks up the security problems on the other end, he stated.
»www.networkworld.com/community/node/45809
--
Smokey's Security Forums »www.smokey-services.eu/forums/
Smokey's Security Weblog »smokeys.wordpress.com/
Official Jetico Inc. Support Forums »www.smokey-services.eu/


Doctor Four
My other vehicle is a TARDIS
Premium
join:2000-09-05
Dallas, TX
·AT&T U-Verse

Here's a prime example of that, encountered when Mike Burgess (winhelp2002) was doing some investigation of several suspect domains at Google Diagnostic:

said by Hosts News blog :
Phishing for Facebook

While researching several suspect domains at Google Diagnostic ... Landing on "uxfl.co. cc"
which redirects to a IP address that tries to mimic a Facebook page complete with a bogus Flash player upgrade. As you can see my AV NOD32 jumped up and killed the connection, as the page automatically downloads a malicious file ...

»msmvps.com/blogs/hostsnews/archi···998.aspx
--
"The trouble with computers, of course, is that they are very sophisticated idiots." - Doctor Who (from Robot)


Smokey Bear
veritas odium parit
Premium
join:2008-03-15
Annie's Pub
Txs for the example Doctor!


DSL_Steve
Premium
join:2003-11-28
Woodbury, CT

reply to Doctor Four
said by Doctor Four See Profile :

Here's a prime example of that, encountered when Mike Burgess (winhelp2002) was doing some investigation of several suspect domains at Google Diagnostic:

said by Hosts News blog :
Phishing for Facebook

While researching several suspect domains at Google Diagnostic ... Landing on "uxfl.co. cc"
which redirects to a IP address that tries to mimic a Facebook page complete with a bogus Flash player upgrade. As you can see my AV NOD32 jumped up and killed the connection, as the page automatically downloads a malicious file ...

»msmvps.com/blogs/hostsnews/archi···998.aspx
What version NOD32 are you running?


N O Y B
St. John 3.16

join:2005-12-15
Forest Grove, OR

reply to Smokey Bear
...which means they've found a way to bypass the Facebook Capcha (the image of letters which are required for a new account, which are supposed to ensure that a human is involved)," stated Thompson.

Cool. It's about time someone proves capcha useless. Surprised it has taken as long as it has. There are better ways that are automated and do not require any extra user action.

--
Be a Good Netizen - Read, Know & Complain About Overly Restrictive Tyrannical ISP ToS & AUP »comcast.net/terms/ »verizon.net/policies/
Say Thanks with a Tool Points Donation


siljaline
clear and presentation danger
Premium
join:2002-10-12
Montreal, QC
·Bell Sympatico

reply to Doctor Four
Doctor Four See Profile the phising domain IP's have not yet been included in the MVPS HOSTS File They may be manually added using the HOSTS Editor


fatness
subtle
Janitor
join:2000-11-17
fishing
·EarthLink

Host:
Earthlink DSL
TekSavvy
Forum Feature Requ..
Need Site Help?
Rants, Raves, and ..

1 edit
reply to Smokey Bear
When I read articles like this my first thought is "some expansion of government regulatory/surveillance power is about to be introduced."

Please don't take that as me faulting the OP. What was posted is an important issue whether my suspicions are correct or not.
--
"That blast came from the pants! That thing's operational!"
-
Forums » Up and Running » Security » SecuritySecurity Software Updates - 04 Oct 2009 »
« "How I Keep Clean Without an Antivirus Guarding My System"  


Tuesday, 09-Feb 22:07:55 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10.5 years online! © 1999-2010 dslreports.com.republican-creole
page compression OFF
Most commented news this week
· [91] Verizon Wireless, Meet 4Chan
· [80] FBI Revamps Push For Two Year ISP Log Retention
· [72] Comcast Xfinity Rebranding Largely Laughed At
· [38] When MetroPCS Says 'No Contract,' They Mean 'Contract'
· [30] Fairpoint Files Bankruptcy Plan
· [25] Instat: Average Connection is 7.12 Mbps
· [22] Duh: Billing Companies Think Metered Billing 'Inevitable'
· [21] Google Lowers Nexus One ETF, Launches Phone Support
· [20] Cox Offers Free PS3s To Entire State Of Arizona
· [18] T-Mobile Owner Considering TMO IPO, Leap Acquisition
Most people now reading
· ADSL-CO/2009-261 Case update.... [TekSavvy]
· Who's the first to try Fibe 25? [Bell Canada]
· Sonic Tap will be replacing SiriusXM on DirecTV 2/9/2010 [Satellite Radio]
· 3.x Feral Druid - Bear Tanking Guide [World of Warcraft]
· Ashen Verdict Rep farming guide (ICC 10) [World of Warcraft]
· Jury Duty again [General Questions]
· DIR-655 New Release Firmware 1.33NA (1/28/2010) Discussion [D-Link]
· [WIN7] Discovered Something I Think. (Tip) [Microsoft Help]
· Advice for a friend! Help, electricity usage (Insane) [Home Repair & Improvement]
· VRAD Backhaul capacity question [AT&T U-verse]