June 1, 2013 No Comments-
Most people – if not everyone – reading this will have a Facebook account. With over one billion registered users, one in seven people use the world’s largest social network. Unfortunately, its popularity has made it a huge target for criminals, which means the social giant needs your help to keep it safe.
The dangers you face online may be easy to ignore, but because criminals can impersonate your friends to encourage you to infect your computer, you need to be extremely vigilant to stay safe.
In the last two weeks, for example, there have been two new threats detected on Facebook, with the viruses pretending to be people’s friends to help spread themselves.
The Facebook Trojans
Microsoft announced in mid-May that it had detected a new “trojan” malware attempting to infiltrate Facebook user accounts. The trojan (a piece of malware that pretends to be legitimate software in a bid to infect computers) took the form of browser extensions for Google’s Chrome and Mozilla’s Firefox browsers.
After installing an extension, the trojan checks to see if you’re logged in to Facebook. If you are, it then shares links with friends, likes pages, makes posts and even sends links to your friends – many of which, if clicked, result in your friends contracting the malware as well.
Some of the trojan’s most common posts are typical attention-grabbing headlines that malware writers always use. When translated from Portuguese, they say: “15 YEAR-OLD VICTIM OF BULLYING COMMITS SUICIDE AFTER SHOWING HER BREASTS ON FACEBOOK”, “Sorry guys, but this is ridiculous!!!”, and “The coolest tune at the moment. It’s really nice!”
Fortunately, Facebook itself has systems to detect and block these malicious browser extensions, but the fix can only be put in place after the trojan has been detected.
It’s our job – as members of the Facebook community – to ensure that if we see something suspicious, we don’t accidentally spread the infection.
To help prevent other people form becoming infected, you must avoid downloading infected files yourself – including browser extensions. Do this by reading reviews of anything you plan on downloading, and keep your virus protection up-to-date.
Also, if you see multiple people posting the exact same message on Facebook, inform them that their security may have been compromised and to check their computer for viruses – they’ll thank you for it.
The other recent threat to spread through Facebook was “Dorkbot”, a malware that monitors users’ internet activity and steals passwords.
It traveled through Facebook by infecting users’ computers and then starting Facebook chats with their friends. It would then share a picture file, which when downloaded would install another copy of the infection.
Facebook has now prevented this malware from operating on the site, but again, it could only do so after the infection was discovered. That took 24 hours, by which time at least 9,000 links to the infected file had been shared.
As a community, we can’t prevent people from trying to create malware any more than we already do. However, we can stop ourselves becoming victims of it. With the DorkBot attack – and many others like it – you can avoid danger by not clicking the link until you’re sure it’s coming from one of your friends.
If someone sends you a link that you’re not expecting on any medium – be it on Facebook chat or even in an email – it makes sense to ask him or her a question about it and see if they respond in a way you would expect.
Or – if you’re on a chat service – ask them a question that only they would know the answer to – your sibling’s name, for example. If they answer correctly, you can almost be sure it’s your friend.
These methods are not the quickest solutions, but they are quite simple. By asking just one or two questions you can almost certainly discover whether you’re talking to your friend, or just a virus pretending to be them.
And if you do discover that you’re talking to malware, you can then help your friends by informing them of what has happened, so they can virus check their computer and make sure it stays virus-free.
Made up of various contributors' opinions and insights - the power of the collective.
Norman Safeground Blogs Archive