I have been talking for some time about the expansion of “phishing” type attacks to use more than just email as the lure. We now have so many different methods for communicating one with another. Email, SMS (text), instant messaging, phone, and of course social networking sites. These sites have exploded in popularity over the past couple of years. In the U.S., they include primarily Twitter and Facebook. There are of course many others as well. This last week had two examples of using these social networking sites for nefarious purposes. The first one is more of a standard phishing attack using Twitter to infect the system with malware….
Twitter Scareware Attack – (June 1, 2009)
A scareware scam is spreading through Twitter. A message reading “Best Video” contains a link that, if clicked, leads users to a site that attempts to download phony security software known as scareware onto their computers. Once a machine is infected, the malware tells users that certain programs cannot be run because they are infected and offers several different packages at varying prices for software that will “clean” their computers of the infection.
The second is about how someone was able to compromise a Facebook account and then send messages to all his contacts. Statistics show that a user is ten times more likely to click on a link, or open an attachment when it is sent by someone they trust. These attacks are highly effective.
British MP’s Facebook Account Hit By Spam Scam – (June 1, 2009)
A British MP has expressed dismay that his Facebook account was hijacked and used to send spam messages to 1,500 contacts. Michael Fabricant’s account has been suspended; the spam messages, which ask the recipients to “Look at this,” contain a link to a maliciously crafted web page. Fabricant’s Facebook account was restored after he contacted one of the company’s directors.
When using social networking sites, you need to be much more careful than we usually are; both in the credentials we use to login as well as what messages we respond to.
The text for the articles above came from SANS.
