a work in progress
If somebody starts chatting with you and asks you to try a link, be wary …
No, I didn’t click on the link. I do my best to keep up with security patches, but why take the chance of visiting a site that’s likely to be filled with malware?
There’s a application called “Secret Crush” on Facebook whose entire purpose is to trick the user into installing the spyware/adware package Xango. Fortinet’s description on Help Net Security has some excellent screenshots. Facebook applications are likely to be fertile grounds for social engineering attacks because the invites usually come from your friends. Not only that, when applications install they require you to give the application permission to all your information, and encourages to spam your friends with invitations. After consenting to that, actions you’d typically think twice before doing (like “download spyware now”) seem pretty natural.
Some of the comments in the Slashdot discussion imply that Facebook’s already deactivated the app; no word on how many users were affected. The timing of this and the Facebook phishing attack Ryan Singel might just be coincidence; then again, it might be more evidence of a trend to increased spamming and scamming in the Facebook world.
Ryan Singel reports in Wired on a phishing scame is targeting Facebook users:
Some Facebook users checking their accounts Wednesday found odd postings of messages on their “wall” from one of their friends, saying: “lol i can’t believe these pics got posted…. it’s going to be BADDDD when her boyfriend sees these,” followed by what looks like a genuine Facebook link.
But the link leads to a fake Facebook login page hosted on a Chinese .cn domain. The fake page actually logs the victims into Facebook, but also keeps a copy of their user names and passwords.
Powered by WordPress