Blog Archives

PREVENTING SPAM scam on Facebook does exactly the opposite

Image representing Facebook as depicted in Cru...

Image via CrunchBase

If you’re seeing Facebook messages asking you to “do your part in PREVENTING SPAM by VERIFYING YOUR ACCOUNT,” don’t do so – you’d be creating spam, not stopping it!

The messages look something like this:

Usually, however, the clickable links at the bottom of messages on your Wall – highlighted in pink below – should look like this:

The scammers have replaced the “Share” option with a link labelled “== VERIFY MY ACCOUNT ==”. Clicking this not only activates the Share option (which you no longer realise you’re pressing), but also invokes a raft of heavily obfuscated JavaScript from a site in the .info domain. (This site is blocked by the web protection software in Sophos‘s endpoint and web gateway products.)

With all the unexpected Sharing going on, this message has spread like wild-fire. Instead of preventing spam, this particular campaign has been generating it at astonishing rates.

The good news is that Facebook seems to have taken some action to prevent the “Share” button being replaced in these messages. Since a few minutes ago, malicious messages appear with no links at all, like this:

The lessons to be learned from this outbreak of spam are as follows:

* Assume that messages which ask you to verify your account by clicking on a link are false. You wouldn’t (I hope) click on links in emails which claimed to come from your bank trying to panic you about your account. That would be a classic phishing scam using a false site to steal your username and password. So don’t trust that sort of link on Facebook, either.

* When you take some action on Facebook which doesn’t deliver what was promised – for example, if you end up Sharing or Liking something you didn’t intend to, or if you click through to an offer or competition which suddenly morphs into something completely different (a bait-and-switch) – assume you have been tricked. Review the side-effects of your actions. Remove any applications you may trustingly have accepted; unlike things you didn’t mean to like; and delete posts you didn’t intend to make.

* Be wary of unexpected changes to Facebook’s interface for Liking, Commenting, Sharing and so forth. Unfortunately, the nature of social networking sites is that they like to undergo rapid change. Cybercrooks exploit this by assuming that you accept ongoing changes as “part of how things work”. Don’t do so. If you see something different, check with an official source to see if it’s expected or not.

If sufficiently many Facebook users dig their heels in every time Facebook makes a gratuitous or confusing change in its interface, its privacy settings or its feature set, then it’s possible that Facebook will learn to adapt in ways which best suit the privacy and safety of its users, instead of adapting to improve its traffic and benefit its paying customers.

(Remember that as a Facebook user, you aren’t a customer. You’re effectively an informal employee, paid not in cash but in kind. Your “wage” is free access to the Facebook system. Your clicks generate the value for which Facebook can charge its customers – the advertisers who benefit from the fact that you use the network at all. Don’t sell yourself short.)

Source :- http://nakedsecurity.sophos.com

Advertisements

A First Look at Facebook’s New Deals

Tomorrow, Facebook’s new Deals featurewill be launching in five cities around the U.S.; here’s a first glimpse of how those offers will look and function.

Facebook logo

Image via Wikipedia

First, users who opt into Deals will get to see opportunities specific to their locations. Those offers will arrive via email or, in some cases, will appear in the user’s news feed on Facebook.

To be clear, these aren’t like the checkin-based deals for mobile users that Facebook launched for its nascent Places platform; while the initial mobile Deals product competed with Foursquare, the new product competes more with Groupon.

Each deal will have its own Facebook landing page, as shown below. Users can “Like” a deal, share it via several channels on the site, or opt to buy it right away. When purchasing the deal, users can pay with credit card or Facebook Credits.

It’s unknown whether Facebook will make more money from Credits purchases than from traditional ones. A rep said via email, “We’re not disclosing details about revenue splits, but paying with Credits will work the same way as paying with a credit card. It’s simply another way for people to pay for Deals. We think this just makes things easier for people using Facebook.”

Check out the gallery below for a walkthrough of signing up for, finding, buying and sharing the new Facebook Deals.

Source -: Mashable Blog

%d bloggers like this: