You are currently browsing the category archive for the ‘General’ category.

A popular and heavily pushed scam this week focuses on using people to propagate the spam.  The tactic results from scammers trying to get around the normal spam blockers.  What better way to spread spam than using human subjects?

The bait is usually some free in-game cash or some other unfair advantage in popular Facebook games.  We have seen many examples of these promises across the social games.

Here is one promising “Free Farmville Cash”:

The way the scam works is they promise to deliver something that they obviously cannot. In exchange, they claim, all you need to do is: 1. like their page, 2. share it, and 3. spam some message (almost always with a link back to the site) to some arbitrary amount of pages.

Like this:

Of course the end result of all this is you don’t get what was promised, and the spammer now has you broadcasting his garbage everywhere.

Here are some more examples:

This one targets Minecraft:

Keep in mind that there are a great deal more of these out there using all sorts of bait. The base scam is the same though, trying to get regular Facebook users to do the spamming for them.

Advertisements

In keeping with our policy of vigilance, we recently have found another attack targeting Justin Bieber’s Facebook page.  If you recall from last week’s Top 10 list, Justin Beiber’s Facebook page achieved the top spot in the Dangerous category and the seventh spot in the Spamiest category.  To better acquaint you with the threat, we’ve broken down what happens.

Here we see some “Breaking News”:

Apparently, Justin Beiber has been caught red-handed! Quick, click “subscribe.”

Uh, that’s not what we were expecting, but never mind that right now. Onwards!

There we go! Now we can watch our video.

Wait a minute! Does that say YouTube? We could have seen this (shaky) video by simply going directly to YouTube. What was all that messing around with permissions?

And just look at what this app has done to our wall.

Spam. In our name. Bad app, no treat.

The moral of this story is, never allow an app more permission than it should logically need. All this app claimed it was going to do was show us a video, so why would it need permission to post to our wall, access our data anytime, or manage our pages?

If you or someone you know has fallen victim to this app or one of the many others like it, you should revoke the app’s permissions. To do this, go to “Account>Privacy Settings”. Under “Applications and Websites,” click “Edit your settings.” Then click “Remove unwanted or spammy applications.” Finally, click the little “x” by the app you want to remove and confirm your desire to remove it by clicking the blue “Remove” button in the box that pops up.

And if you really must see that video of Justin Beiber kissing some girl…

http://www.youtube.com/watch?v=qyRA2xyK1e8

Knock yourself out.

Even though this is our second post (we anxiously got our first post out when we found a phishing scam on Facebook), we would like to welcome you to the SafeToBe.Me blog.  We will be using this blog to give updates on the SafeToBe.Me service, to communicate security threats as we find them, and to communicate our perspectives on staying safe in the social world.  To get things started, we thought it would be useful if we provided some background on why we started SafeToBe.Me…

The Social Web, which includes services like Facebook and Twitter, has changed the way people interact.  It has also changed the way cyber crooks work.  Historically, cyber crooks went after computers and networks.  So security tools were traditionally geared towards protecting those resources.  Your router/firewall is protecting your home network and your anti-virus software is protecting your computer from being infected.  Now, cyber crooks are focusing directly on You.  They are not going after you physically; they are going after you where you spend your time online, which for many of us today are in social networks like Facebook.

Social networks are great.  They let us keep in touch with friends, even when they are not physically close to us.  We can easily see what our friends are doing and we can share our thoughts with them.  Social networks, like Twitter, also let us find people with similar interests, as well as explore new interests.  They are also great communication networks because when we share something interesting, our friends can share it with their friends and so on. Social networks also give us a feeling of security because we are familiar with most people we are communicating with and when we are talking to strangers, we are out of their direct physical reach.  And, a nice aspect of using social networks today is that we don’t have to be at our own computer to participate.  We can use smart phones and devices like the iPad.  All of these factors that make social networks great, however, are also the same reasons why social networks are an ideal attack ground for a new generation of cyber attacks.  These attacks are everything from simple SPAM and scams, to various forms of social abuse, to more complex identity theft type attacks that try to gain access to your account.

We started SafeToBe.Me to fight off this new social form of cyber attacks.  So that you can enjoy participating in the Social Web.  So that you can be you, safely.