Facebook Security Warning
We’ve been telling people this for over a year, even published a security bulletin from AVG to this effect, but apparently never published an actual warning regarding the real risks associated with using Facebook (and MySpace).
Both of these Social Networking sites have been under attack since May 2008 by criminals intent on extorting money from individuals they infect with their Malware (also known as HostageWare, FakeAlert Software). When your computer produces a warning screen or popups in the lower right corner warning you of infections and an offer to “fix” the problem for $49.95 (up to $89.95 in some cases) it is TOO LATE. You are infected. You will not be able to fix this yourself. If you gave them your credit card information you will quickly find your card canceled due to fraudulent activity. (Call your credit provider card immediately if you have fallen prey to this scam)
This has been the pattern with these brilliant criminals working out of Eastern Europe for over a year now and there are no signs of the problem getting better. Many people ask “why do they do this?” “Money” is the obvious answer. No legitimate product will EVER pop up on your screen and ask for money to “fix” something wrong with your computer. These Fake Security / AntiVirus / Performance Tuning / Registry Repair tools are all infections, plain and simple.
- Just working with very small, easy to calculate examples at the low end of probability for these schemes, let’s say that one of these virus authors gets only 1000 people a day to “bite” on the offer to “protect” their computers. At $49.95 each, that’s Fifty Thousand Dollars a day. Pretty good money for sitting around eating Cheetos in your underwear in an (very nice) apartment in Kiev (Moscow, etc).
- Now factor in the bonus as a result of having all the victim’s credit card information entered during this transaction. Can you spell SHOPPING? Our resourceful virus writer is spending your credit card limit in a heartbeat – so fast your credit card company won’t be able to stop it before this thief cashes in nicely on your plastic.
- But the big payoff is gaining access you your personal identity information stored on your computer. Credit card numbers, social security numbers, user login information – anything stored or cached on your computer from previous transactions or for your own records can now be in their hands to use as they please. Identity theft is big business and can ruin your life.
We have disinfected over 250 computers since June of 2008 with one variety or another of these nasty infections. (Refer to our Bad Bugs List here in the blog for the growing collection of these pests) Absolutely nothing stops them, as these bugs are reinvented on an hourly basis. The best antivirus you can buy (AVG) will still not provide 100% protection against these thieves.
We have been recommending to everyone since this problem surfaced to AVOID FACEBOOK AND MYSPACE unless you are using a Mac or Linux-based system, as they are immune to this infection (for the time being). If you do not heed this warning, YOU WILL BE INFECTED. Period. Even the New York Times website was hacked and infecting their readers earlier this month, so it’s not just a Social Networking issue, but they are the primary focus.
“But I never click on anything. I just check my messages…” Great. But no protection. Most of these infestations are distributed by infected banner ads. As soon as the ad displays on the page you’ve loaded, IT’S OVER. YOU’RE INFECTED. It is NOT necessary to click on one of these ads for it to deliver it’s payload. The criminals actually pay for advertising so they can infect your computer and extort money from you, steal your identity, etcetera. They also hack user accounts so they can send messages that appear to be from your friends, but actually contain infected links. It has happened to my friends.
Why isn’t Facebook doing more to protect it’s users? We recommend you ask them exactly that. Also, send them the bill for cleaning or reinstalling your computer the next time it gets infected. See what happens.
And another thing. Be careful what surveys or “tests” or other cute features or add-ons you participate in on Facebook. Anything that requires a phone number to be involved will possibly start charging you every month for some infernal news feed while you get junk text messages you didn’t want. If you are getting these already, simply reply with STOP or QUIT – and they should remove you immediately. Also, dial 611 (assuming it’s your cell phone) and ask your provider to cancel the service you “signed up for” and refund the charges. If you get a decent rep, it should be no problem. If they are not being helpful, demand to speak to a Supervisor.
[Oh, and Google… Did you know these same miscreants are paying for top Google ad placement to sell you infected, fake AntiVirus products? We’ve seen them time and again at the very top of the sponsored links in Google search result pages…]
Panda Labs recently uncovered a website that offers to hack any Facebook account for $100.00. Once they have successfully gained access to your account, everything you have posted in that account is THEIRS. The result: Identity theft — YOURS! According to this website, only 1% of all Facebook accounts cannot be hacked! Once they have hacked an account, they have full access to your Friends’ contact information and now they can send them infected links or images, ostensibly from YOU. Nice.
Just say “NO” to Facebook!
Unless you’re using a Mac…
(I know, you NEED your Facebook fix… I use it all the time, just never from the office where we use all PCs. Only from home where I use an Apple OS x based computer.
Now for the serious part…
If you have given these clever criminals the money they ask for, call your credit card company immediately so they can start the process of issuing you a new card. If you have logged into any financial institution within a few days either side of the date when you first noticed the infection or during the infection period, CALL these institutions and have your password changed IMMEDIATELY. This is a good idea from time to time anyway, but after your computer has been infected it is mandatory.