Facebook Attacks – What they look like and how to avoid them

Facebook is still the most used social media site, with more registered users than Twitter, LinkedIn and Google+. Being the most popular, it has also had its fair share of manipulation since its launch in February 2004. Facebook holds a wealth of information about users, including birth dates, family and friend affiliations, addresses and years of personal history, as well as an archive of photos dating back, possibly, to before you even set up your account! For those users who have had their privacy violated, it’s easy to see why they would be distressed.

In this post we will take a look at some of the biggest scams in Facebook history, what to look out for and how to try and avoid them so your account won’t become compromised.

Who viewed your Profile?


http://facecrooks.com/Scam-Watch/Who-Viewed-Your-Profile-More-ways-to-experience-Facebook-Scam.html

Who viewed your profile? Playing on human intrigue, scammers cleverly import friends’ photographs to make an application which can apparently track who looked at your profile, similar, you might imagine, to how LinkedIn implements this. However, Facebook doesn’t allow third-party publishers access to this level of information.

Don’t worry too much if you did initially click to see what the “Who viewed your profile” extension was about, unless you went further and allowed applications/extensions into your browser. If so, go into your browser toolbar and, within the tools/extensions/plug-in areas, delete any files you aren’t sure about. A more in-depth guide can be found here if you are unsure whether you may have been compromised: http://facecrooks.com/Internet-Safety-Privacy/how-to-protect-your-facebook-account-from-rogue-browser-extensions.html

“Facebook” Black


http://www.symantec.com/connect/blogs/new-black-facebook-black-scam-spreads-facebook

Black was the supposed brand new Facebook with a black interface. Links promoting it were usually included in the comment section of a post which, if you saw it, would typically have had your friends tagged in it.

Clicking on the link briefly uses an iframe to redirect the user to a “Facebook Black” landing page, where you then click to install Black as a browser plug-in, very similar to the previous scam. On accepting this, JavaScript code is downloaded which creates a new holding page for Black on your account and then presents the user with a mandatory survey to complete before continuing. This is how the whole scheme is monetised.

Koobface


http://community.websense.com/blogs/securitylabs/archive/2011/01/14/new-koobface-campaign-spreading-on-facebook.aspx

Koobface, an anagram of Facebook, is one of the more popular hacks. It poses as a must-see viral video – you know the ones: “OMG you must see this videeooooo, soooooo funny insertspammylinkhere”. When the link is clicked, an easy-to-accept notification pops up, claiming that Flash or another driver may be out of date, and asks the user to confirm the download. Once downloaded, the worm will attempt to infiltrate other computers, as well as take log-in details for various sites and social networking pass codes.

Zeus

Zeus, or Zbot, is one of the more serious attackers and is similar to Koobface. If you haven’t heard of Zeus before, then you almost certainly will have heard of the Trojan horse program. The Zeus virus rears its head by appearing to offer sales deals, or as a new Facebook update with increased security. Once you are prompted to log in, a section appears in which you put in your bank account details.

This spyware lies dormant until you try to access your bank account and then BOOM the cash is gone. The graphics on this scam look virtually identical to Facebook, as well as having part of a facebook.com URL.
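The point about a scam page "having part of a facebook.com URL" can be checked mechanically by looking only at the host the browser will contact. The following is an added example, not code from the original post; `classifyLink`, the verdict names and the sample links are assumptions made for illustration.

```javascript
// Added example: judge a link by its real host, not by whether the text
// "facebook.com" appears somewhere inside it.
const BRAND = "facebook.com"; // assumption: the only domain we treat as genuine
const BRAND_LABEL = "facebook";

// Levenshtein edit distance, used to spot near-miss spellings such as "faecbook".
function editDistance(a, b) {
  const row = Array.from({ length: b.length + 1 }, (_, i) => i);
  for (let i = 1; i <= a.length; i++) {
    let diag = row[0];
    row[0] = i;
    for (let j = 1; j <= b.length; j++) {
      const up = row[j];
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      row[j] = Math.min(up + 1, row[j - 1] + 1, diag + cost);
      diag = up;
    }
  }
  return row[b.length];
}

function classifyLink(link) {
  let url;
  try { url = new URL(link); } catch { return "invalid"; }
  const host = url.hostname.replace(/\.$/, ""); // the parser already lowercases
  // Genuine only if the host IS the brand or ends at a dot boundary before it.
  if (host === BRAND || host.endsWith("." + BRAND)) {
    return url.protocol === "https:" ? "genuine" : "genuine-host-no-tls";
  }
  const labels = host.split(".");
  // Internationalised (punycode) labels can render like the brand name.
  if (labels.some((l) => l.startsWith("xn--"))) return "lookalike-idn";
  // Brand used as a sub-domain or word inside someone else's domain.
  if (host.includes(BRAND_LABEL)) return "brand-in-foreign-host";
  // One or two edits away from the brand label, e.g. swapped letters.
  if (labels.some((l) => editDistance(l, BRAND_LABEL) <= 2)) return "typosquat";
  // Brand appears only before "@", or in the path or query string.
  const rest = (url.username + url.pathname + url.search).toLowerCase();
  return rest.includes(BRAND_LABEL) ? "brand-outside-host" : "unrelated";
}

// Constructed sample links; example.net and .example are reserved test names.
for (const link of [
  "https://www.facebook.com/login.php",
  "https://facebook.com.security-update.example.net/login",
  "http://facebook.com@login.example.net/",
  "https://faecbook.example/",
]) console.log(classifyLink(link).padEnd(22), link);
```

Only the first sample is classed as genuine; the other three all display "facebook" somewhere in the address while pointing at a different host.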


http://lastwatchdog.com/unstoppable-phishing-attacks-blanket-facebook-twitter/

Likejacking

Likejacking is similar to the Koobface scams, in that it will appear as a friend having liked an article or some other piece of content. When you look at the content liked, it will first ask you to like the said article, before giving you access to this hidden content. This will then appear in your newsfeed should you click on it, with the same steps above happening to your friends should they be inquisitive enough to find out.

Although Likejacking is supposedly the least harmful of the above, it can be linked with spammy sites and malicious software.


http://labs.m86security.com/2011/02/cant-believe-a-girl-did-this-justin-bieber-you-shouldnt/

This post was written on behalf of http://www.cheapssls.com/ by John Philips. Cheap SSLs are resellers of SSL certificates from the likes of Comodo, GeoTrust and VeriSign. To see more about them, please visit Cheap SSLs here.
