Beware of Facebook 'Friends' Who May Trash Your Laptop

JANUARY 29, 2009

Beware of Facebook 'Friends' Who May Trash Your Laptop
By JOSEPH DE AVILA
WSJ

The message that popped into Laurie Gale's Facebook inbox last month seemed harmless enough -- a friend had seen a video of Ms. Gale and had sent a link so Ms. Gale could view it. The link led to a video site that prompted her to update her video software, which she did. "Within seconds, everything started shutting itself down," says Ms. Gale, a 37-year-old lamp-works artist from Versailles, Ky. Ms. Gale's new Dell Inspiron laptop had been infected with malicious software, or malware, that has spread through social networking sites like Facebook and MySpace.. The popularity of social networks and social media sites has grabbed the attention of cyber crooks searching to pilfer passwords, called "phishing," and steal sensitive personal information. The hackers are exploiting users' sense of safety within these sites, says Pat Clawson, chief executive of Lumension Security, a computer security company. Earlier this month, Twitter, a social site in which users communicate in short bursts of text, was hit in a campaign to steal users' account passwords. On business-networking site LinkedIn, criminals set up fake celebrity profiles that, when visited, downloaded malware onto users' machines.

(snip)

The malware that has made its way through social networks differs from the so-called "Conficker" worm that has spread to millions of personal and business computers in recent weeks, according to security experts. On social networks, malware writers typically trick users into infecting their own computers. The Conficker worm spreads though a vulnerability in Microsoft Windows and infected USB drives. The attacks via social networks vary in means and intent. Messages may lure users with requests to click on a link to look at a photo or a video. The link may take the user to a phishing site or a site with malware. Some of the spam may be harmless advertising, but users should never risk clicking on such links, security experts say.

(snip)

Fewer than 1% of Facebook's 150 million users have become infected with malware using the site, says Max Kelly, Facebook's director of security. The site started seeing an uptick in malware attacks last summer. Facebook uses automated systems to watch for unusual activity like accounts spamming their contacts, Mr. Kelly says. Once a compromised account is detected, Facebook will have the account's passwords reset, and spam messages get deleted. Facebook says it will pursue legal action against parties targeting its users. Just last year, the company filed a civil suit and was awarded $873 million in damages in a default judgment against Atlantis Blue Capital and its Canadian owner for sending Facebook users unsolicited advertisements. The company's owner couldn't be located for comment.

MySpace saw malware attacks last summer, though the company says it hasn't had any reports of it in recent months. Only a "negligible amount" of MySpace's users have been infected with malware, according to the company. (MySpace is owned by News Corp., which also publishes The Wall Street Journal.) Twitter co-founder Biz Stone says programmers at the site improved the log-in security after a phishing campaign snared unsuspecting users. In it, users were sent messages saying something like, "Hey, check out this funny blog about you," along with a link. The link took users to a phony Twitter log-in page where users were prompted to enter their passwords.

(snip)

Users should use the same caution with messages on social networks as they would with email, says Ryan Naraine, a security expert with Kaspersky Lab, a computer-security company. Users should be especially wary of any messages from friends that don't sound like their friends wrote them. If they don't normally write OMG in a message, it's probably not them, says Mr. Kelly, Facebook's director of security.


Printed in The Wall Street Journal, page D1

http://online.wsj.com/article/SB123318610661426441.html (subscription)

I would like to send the spammers to a special place with the Republicans of this fine country so that they can all bugger themselves to death.

thanks for the laugh

:rofl:

Never even clicked on the skype IM link. The only protection I think is to shut down the ability of anyone other than people in your contact list to IM you. Took hours to figure out how to get the viruses off.

so all I can see is the icon jumping.

And when I open it, I find a window with "sexy someone" or something. I usually just close the window and quit the program.

I have no idea how one sens a virus through Skype..

Or people dont like to read their email headers.

it took me a long time to deal with it & i changed my email and it was a big mess. look out for evil self replicating ( i don't know what they are called) emails!

Just don't ever accept friend requests from people you don't know. And don't ever click on any link sent to you by someone you don't know.

anyone on Facebook. Yes, even by people I know.

After reading this, I am feeling a bit better

:-)

I don't even belong to any of those places. I always felt if you had to ask someone to be your friend, you were SOL for friends.

Thanks for the heads up on skype, my wife uses it.

Peace

observed how sites like Facebook have changed people's lives for the better. This is a phenomenon so significant that it is difficult for anyone to fully grasp the implications of how our communications platforms have changed so drastically.

Seriously, I advise anyone to explore this further.

and Twitter.

http://www.democraticunderground.com/discuss/duboard.php?az=view_all&address=132x8154681

Perhaps because I don't have that many friends and the ones that I do - we communicate via email. Many have Gmail or Yahoo or Hotmail so we can communicate even while traveling.

And... as it is I spend too much time on the computer. I don't remember when was the last time I got lost in the pages of a good book. Last week, when cable was down for five days! (I watched the inauguration on the o free air TV) I really felt lost. I should not.

A porn site link started popping up. I didn't click on it. Got viruses.
R

A pop-up ad? Facebook doesn't have those, so it must be malware you received somewhere else on the Internet.

Just messages popping into the Skype IM interface while I was chatting with someone else.

because I use a Mac. Suckers.... :P

http://blog.washingtonpost.com/securityfix/2008/06/new_trojan_leverages_unpatched.html

Don't worry - hackers are thinking of you guys too. Join the club! :party:

did not follow the link. I figure I have enough "friends" and don't need more.