Blog Archives

Facebook Dislike button spreads fast, but is a fake – watch out!

Image representing Facebook as depicted in Cru...

Image via CrunchBase

Don’t be too quick to click on links claiming to “Enable Dislike Button” on Facebook, as a fast-spreading scam has caused problems for social networking users this weekend.

Messages claiming to offer the opposite to a like button have been appearing on many Facebook users’ walls:

Dislike button on Facebook

Facebook now has a dislike button! Click 'Enable Dislike Button' to turn on the new feature!

Like the “Preventing Spam / Verify my account” scam which went before it, the scammers have managed to waltz past Facebook’s security to replace the standard “Share” option with a link labelled “Enable Dislike Button”.

The fact that the “Enable Dislike Button” link does not appear in the main part of the message, but lower down alongside “Link” and “Comment”, is likely to fool some users into believing that it is genuine.

Clicking on the link, however, will not only forward the fake message about the so-called “Fakebook Dislike button” to all of your online friends by posting it to your profile, but also run obfuscated Javascript on your computer.

The potential for malice should be obvious.

As we’ve explained before, there is no official dislike button provided by Facebook and there isn’t ever likely to be. But it remains something that many Facebook users would like, and so scammers have often used the offer of a “Dislike button” as bait for the unwary.

Here’s another example that is spreading, attempting to trick you into pasting JavaScript into your browser’s address bar, before leading you to a survey scam:

Offer of Dislike button leads you into posting script into your browser's address bar

If you use Facebook and want to learn more about spam, malware, scams and other threats, you should join the Sophos Facebook page where we have a thriving community of over 80,000 people.

Source :- http://nakedsecurity.sophos.com

Banned Lady Gaga video attack spreads on Twitter via rogue app

Watch out for tweets about a banned Lady Gaga video, currently spreading across the Twitter network.

The tweets are being posted by rogue applications, that users are allowing to access their profiles in the belief that they will get to view a prohibited video of Lady Gaga

Tweet promoting banned Lady Gaga video

VIDEO PROHIBIDO LADY GAGA banned [LINK] @shakira @ladygaga como ganar dinero facil

(Please note that the precise wording can vary)

If you make the mistake of clicking on the link you are taken to a fake YouTube webpage.

Fake YouTube page

Of course, you believe that you’re going to watch a banned video of Lady Gaga so you might very well click on the play button.

Doing so, however, asks you to grant permission to a third party app which wants to connect with your Twitter account.

Rogue Twitter application

Don’t, whatever you do, give it permission to continue. Because if you do, your account can now be accessed by third parties – who will be able to post messages in your name to all of your followers.

Hopefully the fact that the messages we have seen so far have all been in Spanish may reduce the impact of this particular attack.

Interestingly, it seems that Lady Gaga herself has been having trouble with these Twitter hackers.

The eccentric songstress, who has more followers on Twitter than anyone else in the world, posted a message yesterday saying:

Whoever is hacking my Twitter must answer to 10 million monsters and Twitter police. #Don'tMakeMeCallTheApostles

Lady Gaga@ladygaga
Lady Gaga

Whoever is hacking my Twitter must answer to 10 million monsters and Twitter police. #Don‘tMakeMeCallTheApostles

Although the singer quickly deleted the rogue tweets that had upset her so much from her page, I was able to discover them cached elsewhere on the net:

TAROT de shakira [LINK] clarividente de @shakira #horoscopo ganar dinero navegando

and

VIDEO PROHIBIDO LADY GAGA @ladygaga [LINK] ganar dinero navegando

The bit.ly links used in the messages posted to Lady Gaga’s Twitter page linked to the same fake YouTube page, and were created by the same person who appears to be behind the rogue application attack.

Lady GagaIs it possible that Lady Gaga, or the staff who manage her Twitter account, fell for the scam themselves? And that’s why the rogue message appeared on Lady Gaga’s Twitter page?

Lady Gaga has over 9.6 million followers on Twitter, making her the most popular person on the network (yes, beating even Justin Bieber..) and a prize goal for any scammer who wants their scammy spammy links to be spread to as wide an audience as possible.

If you were unfortunate enough to grant a rogue applications access to your Twitter account, revoke its rights immediately by going to the Twitter website and visiting Settings/Connections and revoking the offending app’s rights.

Don’t make it easy for scammers to make money in this way, and always exercise caution about which third party apps you allow to connect with your social networking accounts.

If you’re on Twitter and want to learn more about threats, be sure to follow Naked Security’s team of writers.

Source :- http://nakedsecurity.sophos.com

Yahoo India to Launch Search Direct within 2011

Will give predictive search results as you type keywords in the search bar

a chart to describe the search engine market

Image via Wikipedia

Like they say, better late than never.

A good half a year after Google launched interactive prediction based search feedback service Instant, Yahoo India just announced that it will launch its own version of Instant dubbed Search Direct. Don’t hold your breath yet, because the service will not be available till the second half of 2011. Just like Google’s Instant, Yahoo’s Search Direct predicts search results as you type in the keywords into the search bar. The announcement comes a week after Yahoo launched Search Direct in U.S. in the beta stage.

“The new search engine predicts search results as fast as a person types – character by character, and presents those results dynamically, generating a fast, simple search experience that goes beyond mere blue links,” said  Prabhakar Raghavan, chief scientist, senior vice-president and head of Yahoo Labs. Despite competition from Google, Yahoo reaches out to 30 million unique users per month in India, which is about 74 percent of the Indian Internet audience. Loyal Yahoo users therefore finally get one of Google’s most innovative features on the search engine of their choice.

%d bloggers like this: