Do you like sharing cool photos and videos on Facebook? Posting interesting thoughts on your wall or commenting on other friends’ postings? So do hundreds of millions of Facebookers like you. Unfortunately, the same goes for cybercriminals, and what they share or post can really affect your internet security. The popularity of the largest social network, the number of active users (currently around 800 million) and the level of activity have turned Facebook into an attractive platform for attackers who use social engineering to spread malicious content, “phish” for personal details and/or earn money in a crooked way.
Internet security specialists around the web have been constantly warning users about the increasing number of social engineering scams on social media. 2011 was a reference year in terms of the number of attacks, the variants of the same threat and the sophistication of the social engineering targeting Facebook. And all of this comes on top of Facebook’s controversial privacy issues.
The year cybercriminals really loved Facebook
Facebook was founded in 2004; by 2009 it had become the world’s largest social network (by active users), and in 2011 the popular social network saw a peak in social scams. Cybercriminals more than ‘liked’ it: they really loved Facebook, thoroughly exploiting its name, features and functionalities. As a result, the internet security of many users was really shaken up.
Here is a compilation of scams and attacks that took over Facebook in 2011:
- Clickjacking. This type of social engineering attack is designed to lure users into clicking on seemingly harmless objects: like, comment, publish buttons, links including names of famous people, or images. Once they click on them, users are directed to either malicious or advertising pages.
- Internet worms. Koobface (an anagram of Facebook) usually ‘worms’ its way through Facebook by sending enticing messages to Facebook friends, such as “You’e beeen filmedd!” or “Are you erally in htat video?” (spelling as in the lures). Once the receiver clicks on the link in the message, they are directed to a seemingly legitimate page, for example a YouTube or Blogspot page, which is in fact bogus and prompts them to download and install a fake video player.
Another type of internet worm that has been released into the Facebook environment is called Palevo. At the beginning of 2011, a variant of it was used in an attack that exploited the Facebook chat and application functionalities – it sent messages disguised as photo album apps to Facebook ‘friends’; following the link in the message, users were prompted to download an executable “FacebookPhotos####.exe”.
Such downloads are malicious code that, once installed, starts sending malicious links to the victim’s contacts, as if they were coming from the infected user.
- Fake e-mail notifications. In 2011, unethical advertisers sent fake Facebook notifications by e-mail promoting pharmaceutical products. Cybercriminals went further and sent e-mails describing fake lottery wins and requesting personal information – this kind of notification had online fraud written all over it – or e-mails with malware attachments.
- Credit card scams. Cybercriminals also used Facebook groups to post easy money-making solutions under seductive messages, such as: “how to win the Lotto” or “how to earn big money”. In order to buy the magnificent solution, convinced users had to pay for the bogus product through credit card transactions only.
- Phishing. Facebook has consistently been a favourite platform for cybercriminals to go to and ‘phish’ personal details. They’ve become experts in creating fake pages – such as Facebook login pages – aimed at stealing users’ login information. With the stolen login details, scammers can use the tricked users’ account for malicious purposes.
- Scam and spam messages. Facebook has also been a tool for illegal and unethical advertisers to send enticing messages such as “Promises 500 free Facebook credits”. These actually lead to survey pages or ads, and the scam then re-sends its message through chat, wall posts, status updates and invites to the affected user’s Facebook friends.
- Fake applications. Facebook apps are so engaging that everybody uses at least one of them. The thing with these apps, though, is that they can access some or all of the user’s profile information. No wonder cybercriminals have started creating and spreading apps for malicious purposes: stealing profile details, sending spam messages etc. Malicious apps usually have catchy titles or come disguised as non-existent Facebook functionalities such as “who viewed your profile”.
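As an added illustration of how the lure patterns in the list above can be triaged on the defender’s side, the following Python script scores messages by the indicators the list describes: links to lookalike hosts that borrow the Facebook, YouTube or Blogspot name, links to executable downloads in the FacebookPhotos####.exe style, and exact or misspelled lure words taken from the quoted messages. This is example code written for this article, not BullGuard’s or Facebook’s software; the sample messages, hostnames, lure-word list and scoring weights are all constructed assumptions.

```python
"""Heuristic triage of social-network messages for the lure patterns described
in the post: Koobface-style misspelled video lures, Palevo-style photo-album
executables, "free Facebook credits" survey spam and lookalike video/login hosts.
Example code written for this article, not BullGuard or Facebook software.
Every sample message, hostname and weight below is constructed."""
import difflib
import re
from urllib.parse import urlparse

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)
# Executable "video player" / "photo album" downloads, checked on the URL path only.
EXEC_RE = re.compile(r"\.(exe|scr|bat|pif|com)$", re.I)

# Brand names that lookalike hosts borrow, and the domains that legitimately carry them.
BRANDS = ("facebook", "youtube", "blogspot")
LEGIT_DOMAINS = {"facebook.com", "youtube.com", "blogspot.com"}

# Keywords taken from the lure texts quoted in the post. They are fuzzy-matched so a
# deliberately misspelled lure ("filmedd") still registers, and misspelling scores higher.
LURE_WORDS = ["filmed", "video", "credits", "lotto", "profile"]

THRESHOLD = 3  # a message at or above this score is treated as a likely lure


def registrable_domain(host):
    """Crude eTLD+1 (last two labels); adequate for the .com lookalikes in this demo."""
    labels = host.lower().split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def score_message(text):
    """Return (score, reasons) for one message body."""
    score, reasons = 0, []
    for url in URL_RE.findall(text):
        parsed = urlparse(url)
        host = parsed.hostname or ""
        # Brand name present but the registrable domain is not the brand's own: lookalike.
        if registrable_domain(host) not in LEGIT_DOMAINS and any(b in host for b in BRANDS):
            score += 3
            reasons.append("lookalike host %s" % host)
        if EXEC_RE.search(parsed.path):
            score += 3
            reasons.append("executable download %s" % parsed.path.rsplit("/", 1)[-1])
    # Score the human-readable part only, so words inside URLs are not double counted.
    body = URL_RE.sub(" ", text).lower()
    for word in re.findall(r"[a-z']+", body):
        match = difflib.get_close_matches(word, LURE_WORDS, n=1, cutoff=0.8)
        if not match:
            continue
        if match[0] == word:
            score += 1
            reasons.append("lure word '%s'" % word)
        else:
            score += 2
            reasons.append("misspelled lure word '%s' (~%s)" % (word, match[0]))
    return score, reasons


def is_lure(text):
    return score_message(text)[0] >= THRESHOLD


def triage(messages):
    """Return the messages that cross the threshold, with their score and reasons."""
    flagged = []
    for msg in messages:
        score, reasons = score_message(msg["text"])
        if score >= THRESHOLD:
            flagged.append({"sender": msg["sender"], "score": score, "reasons": reasons})
    return flagged


# Constructed samples modelled on the lures quoted in the post; not real captured messages.
# The digits in FacebookPhotos1234.exe stand in for the #### in the post's pattern.
SAMPLE_MESSAGES = [
    {"sender": "friend_a", "text": "You'e beeen filmedd! http://youtube.com.video-view.example/watch?v=1"},
    {"sender": "friend_b", "text": "Check my album: http://photos.example/FacebookPhotos1234.exe"},
    {"sender": "friend_c", "text": "Promises 500 free Facebook credits -> http://facebook-credits.example/survey"},
    {"sender": "friend_d", "text": "Lunch tomorrow? https://www.facebook.com/events/123"},
]

if __name__ == "__main__":
    for hit in triage(SAMPLE_MESSAGES):
        print("%s: score %d -> %s" % (hit["sender"], hit["score"], "; ".join(hit["reasons"])))
```

The weights are deliberately chosen so that lure words on their own (+1 exact, +2 misspelled) never reach the threshold: a harmless “watch this video” message scores 1, and only a link indicator (a lookalike host or an executable download, +3 each) tips a message over. In practice the lure-word list, the legitimate-domain set and the weights would be tuned from real traffic, and a proper public-suffix list would replace the two-label domain heuristic.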
Facebook dangers: predictions for 2012
Likejacking, a widely used form of clickjacking, was on the rise in 2011 and will most probably continue its surge in 2012. One thing is for sure: attackers will use Facebook and other social networks for more sophisticated attacks, refining the above threats or coming up with new variants. They will most probably reach for higher goals on larger scales, fully compromising users’ internet security rather than just their Facebook identity or credit card details.
BullGuard’s internet security advice for safe networking:
- Check out the information posted on Facebook’s safety and security page. Built with the aim of educating users about internet security and safety, this page offers useful advice on how to take action if your account has been compromised and how to report a possible security vulnerability or Facebook threat. It also explains how everyone using Facebook shares the responsibility of keeping it a safe environment.
- Use comprehensive and up-to-date internet security tools that ensure detection of new variants of Facebook worms and malicious codes used for spamming. The latest version of BullGuard’s Internet Security suite comes with a link scanner that shows safe search results on Facebook and antiphishing that provides protection from malicious and fake websites trying to steal information about you.
- And last but not least, don’t be too trusting! Examine closely the links you want to click on, the video titles that seem incredible, promotions and offers that seem too good to be true. Behind each enticing message could hide a serious internet security threat.