LifeLock Blog

Facebook has constant malware attacks that most can void simply by not allowing the application access to their account. This recent malware attack, piggybacking on Charlie Sheen’s recent publicity, is much like the others except it uses a technique called click jacking to make it a little bit more effective.

The scam works like this. You see the article posted by a friend with a catchy title like “RIP! Charlie Sheen Found Dead at his House.” You click it and it takes you to a page that looks much like Youtube but isn’t. If you click anywhere on the page the malware gains access to your Facebook profile and it will start to post itself to others profiles. This is followed by a survey, that to this day I don’t know why people fill out, and then some reports of an actual virus that installs itself onto your computer.

If you click this link all you need to do is go to Account>>Privacy Setting.  In the bottom left you will see a section called ‘apps and websites’ click the link that says Edit your settings. Find the recent addition and remove the application’s access to your account. Then find the posts it made to friends walls and your own and remove them. That should take care of it.

You would think people would learn that you shouldn’t click on everything you see on the internet and on Facebook, but we constantly see people who refuse to learn this lesson. If people were smart enough not to fall for these tricks hackers would move on to something else. Another Facebook scam similar to all the others is using the super popular pop star Justin Bieber as it’s bait.

The malware works like most of the other on Facebook that make it through Facebook’s filters. There’s some kind of link that has eye catching title in this case “OH MY GOD!…Justin BIEBER Hits Girl For NO Reason! OMG! This Is So Badd!” When people click on it they are taken to a page that has a picture of a girl next to the Fox logo and a big invitation to “click here.” When you do you have to approve an application and will out a information forum. While you are filling out the forum the application is sending altered versions of the scam to your friends and to your wall.

The scam is all too familiar and should be to pretty much any Facebook user by now. The information gained form the users profile and form is used to make money for the creators of the Facebook malware. Who knows what they do with the information you gave them, perhaps could be used to steal someone’s identity, but you can’t assume it’s for anything productive.

If you have fallen for one of these Facebook malwares make sure to remove the application from the Applications and Websites page under Privacy Settings. This will prevent it from further spreading itself to your friends.

I’m sure most people are aware that you shouldn’t just click any link that is sent to you because there is always the possibility that it’s a virus or some kind of malicious software. People are also getting use to Facebook spam and scams as they become more prevalent, but what about Facebook chat? Would you trust a link sent from a friend on Facebook chat? If your answer was yes you probably shouldn’t because over the weekend Facebook chat had a outbreak of spam messages.

Messages sent over Facebook chat from one of your friends reads, “LOL is this you? and is accompanied by a link. You click the link, intrigued by the question, and disappointingly you end up at a 404 page. Well, what really happened is the website compromised your account and is now sending this message to all your friends who are online. This scam is very similar to the Twitter “LOL this you?” scam back in February.

Scams like these are designed to spread like wildfire and expose your profile and all the information it contains. You should always be suspicious of messages like these and question the person before clicking links you don’t recognize. When in doubt just don’t click the link. You don’t want scammers to have your information on your Facebook profile that could be used to steal your identity one day.

There is a scam born every minute on Facebook, and Facebook just can’t keep up and remove them fast enough. Many of the scams are just designed to spam you and all your friends, it works just like a chain letter. You authorize some spam app on your profile it posts stuff all over your profile and your friends click it and add it to their profile and it perpetuates from there.

The “dislike” button is something people have been asking for from Facebook for a long time now. The scammers used this to their advantage when claiming to be the official dislike button for Facebook. You  click a link from a friends profile that talks about a dislike button. It goes to a screen that wants you to install something to your profile. After you fill out a survey you get forwarded to a Firefox plugin that modifies Facebook’s appearance which isn’t apart of the scam. The Facebook application you authorized secretly post stuff to your profile that continues the spread of the scam.

The scammers are after the information in the survey which could be used to spam your email address or even used to steal your identity. Because the application posts items to your profile it has spread like wildfire through Facebook. Because the scammers deliver an actual plugin that presumably does something people are slow to figure out it was a scam.

Remember never give out personal information over the internet especially not to creepy Facebook applications. If you click something with an interesting title but it wants you to install something before viewing it don’t do it. It’s just spam and you should report it to Facebook.

Facebook is a great place to connect with friends and family and stay connected and communicate. Scammers also know this and will try and use that to their advantage. Facebook scams and distress scams are not a new thing but putting them together is a bit of a change and the public is starting to see them more ofter.

A distress scam is a scam where the thief will pose as your friend or family member and tell you that they have been robbed and need you to send them money. They typically say that are in another country  and need you to use Western Union to send them money. This scam has been going on for some time but adapting this scam to Facebook makes things a little more interesting.

A scammer gets a hold of your friends Facebook account and uses the Facebook chat to IM you. They tell you the whole story about being in London, or some other country, and how they got robbed and have no money or phone to use. They ask for a wire transfer and I think you know how the rest of the scam goes.

Of course this sounds outlandish to people who are use to the internet, but scammers use the information on your Facebook page to target someone who might fall for it like the elderly. They have all the information they need to find someone that might just send the money before confirming the story is true.

So know what to look for and don’t be taken advantage of. If someone tries this scam on you I would try and confirm the person is even in the country they are claiming to be in! You could also ask the scammer things that only that person would know and is not present on their Facebook page. This is sure to throw the scammer for a loop and most likely make them cut bait and run.

You should contact the person who had their account hacked and tell them to take back control of it, so no one else will be affected.

Phishing websites are big problem on the internet. Deviant individuals make a website that looks just like the login to Twitter, Facebook, Myspace, banking websites, and others. The victim thinks they are logging into their account on the given site but really they are sending their username and password to   the criminals.

Lucky for you there is a easy way to spot a phishing website, and that lies in the URL of the website. Whenever you are asked to login to a website, especially if you clicked a link and was asked to login, take a look at the URL of the website. Whatever comes before the .com, .net, .org or whatever is the actual site you are visiting. If you go to a site like the one in the image above the website you are visiting is secure-login01.com and the subdomains, which can be anything, is videos and twitter. They try to make you think you’re logging into twitter by making a subdomain called twitter on their website  secure-login01.com. Don’t fall for it! There can be only one twitter.com so unless the url was twitter.com at the end it’s not the real site.

Criminals use these sites that look just like the real login to steal your username and passwords that could be used to get into other accounts including your bank account. Many people who are ill-informed will use the same password for several or all websites they login to. This is a bad idea because now they have your password to all your accounts and only need to discover your username which also might be the same as your already stolen username.

So remember to look at the URL of a website that you are about to login to. It takes just a few seconds to confirm the URL is correct and could save you a lot of heartache in the long run. If you have a doubt  that the Url is correct leave the site and type it in manually or follow your bookmark that you know points to the real site.

A hacker let himself in through an unlocked virtual door at RockYou Inc and walked off with more than 32.6 million login names and passwords for users of Facebook, MySpace, Friendster and other social networking sites.

The login information was unencrypted and virtually unprotected, and, according to ComputerWorld, the users’ names were the same as those of the users’ Gmail, Yahoo, Hotmail or other web mail accounts. Though few people include Social Security or financial accounts information on their social media sites, any of that information in users’ web mail accounts could be accessed with accessed information.

RockYou says more than 130 million unique users take advantage of their tools for social media sites every month, including applications and services for greeting cards, horoscopes, games, emoticons and photo uploads and slideshows.

A segment of the database was posted on the hacker’s website along with his claim that he accessed 32,603,388 accounts, including their unencrypted, plain-text passwords. He warned RockYou, “Don’t lie to your customers, or i (sic) will publish everything.”

The data breach was discovered after database security firm, Imperva Inc, warned RockYou that hackers were using a serious error in their system to access to RockYou’s massive user database. At least another day passed before RockYou brought down the site, according to Imperva. RockYou said in a statement they immediate brought down the site and addressed the problem.

More than 285 million records were compromised in data breaches last year, and more than 50% of all breaches required little or no technical skill, according to the Verizon Business 2009 Data Breach Investigations Report. The investigators also reported that 83% of all data breaches could have been prevented last year if the victims had employed simple, inexpensive controls.