Facebook

H-Online: A new type of phishing strategy, which aims to trick unsuspecting users into installing a trojan by pretending to be an account cancellation request from Facebook, has been discovered by Sophos. The email messages link to a third party application on the site that will install a Java applet and then prompt the user to update their Flash player, but will actually deliver the trojan malware. The email messages that are sent out claim to be from Facebook and state: “We are sending you this email to inform you that we have received an account cancellation request from you.” However, Facebook never sends such account cancellation confirmation messages via email. Users who want to cancel their Facebook account can do so by visiting facebook.com/deactivate.php to deactivate their account; they may later delete it after a cool down period has passed. ...

Facebook and security. Is it a marriage that has any legs? The social networking giant today announced its partnership with a number of security vendors. A Facebook blogger writes: Nothing is more important to us than the safety of the people who use Facebook, and the security of their data…That’s why we’re thrilled to announce the Antivirus Marketplace and welcome Microsoft, McAfee, TrendMicro, Sophos, and Symantec to the Facebook Security family. ...

Symantec Connect: Phishers often choose baits with the motive of targeting a large audience. Using popular celebrities as bait is a good example. Phishers understand that choosing celebrities with a large fan base would target the largest audience and supply more duped users. This month phishers are using the same strategy but, instead of targeting a popular celebrity, they associated their phishing site with the popular FC Barcelona football club. FC Barcelona is the world’s second richest football club and has a large fan following. The phishing site, hosted on a free web hosting site, has since been removed and is no longer active. However, though phishing sites are frequently short-lived, internet users should be aware that other phishing sites using this or a similar template could easily be encountered in future. ...

Symantec Connect: Phishers regularly introduce new types of fake applications with the motive of improving their chance to harvest user credentials. In February 2012, Symantec observed a phishing site recommending a fake application that allegedly removes “Timeline” profile for Facebook users. The phishing site was hosted on a free web hosting site. The phishing site embedded the Facebook Timeline promotion video from YouTube, with the claim “Remove Timeline Now”. According to this phishing site, users will have their “Timeline” removed from their Facebook profile and get back their old profile page—only after they enter their login credentials. To make the fake application look more authentic, phishers added that it was protected by an antivirus product with the logo of the antivirus brand placed below the login form. After user credentials are entered, the phishing page redirects to a page which displays a screenshot from the Facebook Timeline promotion video. If users fell victim to the phishing site by entering their login credentials, phishers would have successfully stolen their information for identity theft purposes. ...

SophosLabs: Messages are spreading between Facebook users, claiming that members of the social network have lost all respect for popular songstress Rihanna after watching a video. However, if you’re careless enough to click on the link you will find yourself lured into a survey scam that attempts to earn affiliate cash for fraudsters. A typical message trying to tempt users into falling for the scam looks like this: ...

It is widely anticipated that Apple will announce a new version of its iPad tablet computer in San Francisco on March 7th. An invitation sent to journalists, inviting them to an event organized by Apple, has fueled speculation even further as it appears to show a close-up of someone using an iPad. Could it be the new iPad with a much lusted for improved display and souped-up processor? Only time will tell.. ...

Oops indeed. At least if you were one of the Facebook users who believed that a hidden camera video had leaked onto the net of Justin Bieber sharing some intimate moments with his girlfriend Selena Gomez. Of course, Bieber’s typical fans – or those who would delight in his public humiliation by a hungry paparazzi – are probably unlikely to think twice about clicking on a link shared with them by their Facebook friends, claiming to leak to a sex video. ...

SophosLabs: Scammers are up to their old tricks on Facebook, tricking users into visiting revenue-generating survey scam websites by appearing to offer sex videos. Using a thumbnail which suggests a link to a sex video, messages posted on compromised Facebook users’ walls attempt to lure their unsuspecting Facebook friends into clicking to see more. And if the use of a saucy snapshot of a naked man and woman in an intimate pose wasn’t enough, the messages also include a variety of names (obscured in the images below) – presumably these are the names of the afflicted users’ Facebook friends. ...

SophosLabs: Facebook users overwhelmingly agree that it’s rude to post photos or videos of them without asking permission first. Some even think it should be illegal. Sophos has polled over 800 Facebook users, asking whether people should seek permission before posting photographs or videos online of others. Although a large majority – 83% – of polled Facebook users think it’s just common courtesy to ask permission before posting a photo or video of someone else (and a further 8% felt it should be illegal not to have received approval), some respondents believed that Facebook’s existing tagging controls allowed you to remove a picture that you didn’t want published online. ...

SophosLabs: The death of pop superstar Whitney Houston made headlines around the world this weekend, and it didn’t take long for fraudsters and cybercriminals to cash in on the singer’s death. For instance, messages have been seen shared on Facebook claiming to link to a video of Whitney Houston’s autopsy. According to the messages, the video of Whitney Houston’s autopsy “reveals a shocking secret that explains her death”. Here’s what a typical message looks like: ...