Facebook and MySpace users hit by cyber attacks
Friday 06 November 2009
Facebook users - already being targeted in a malware campaign - are now under threat from a phishing scam.
Security specialists Symantec report that the company's systems have picked up fake messages that appear to be sent by the social networking service.
Users will receive an email that looks like an official Facebook invite or a password reset confirmation.
If a duped user clicks on the 'update' button they will be redirected a fake Facebook site. They will then be asked to enter a password to complete the updating process.
As soon as the unwitting Facebook user does this, their password is in the hands of cybercriminals.
Dodgy subject lines for the phishing emails are: 'Facebook account update,' New login system' or 'Facebook update tool'.
The malware campaign that is still targeting Facebook is also propagated via email. This time, the message looks like a Facebook notification that the recipient's password has been reset.
It includes a zip file that, if opened, launches an .exe file, which Symantec's Security Response centre says is a net nasty called Trojan.Bredolab.
Once a users' machine is infected by this malware, it secretly dials back to a Russian domain and, Symantec says, "is most likely becoming part of a Bredolab botnet."
But it isn't just Facebook that is being lined up by cybercriminals; News Corp's MySpace is also under attack.
Potentially dangerous email subject lines to look out for are: 'Myspace Password Reset Confirmation,' 'Myspace office on fire' and 'Myspace was ruined'.
Symantec believes there will be another attack on MySpace in the next day or two.
"We also think that social networking sites with huge user bases are currently being targeted to infect maximum machines or gather passwords for more malicious activities in future," the security team said in a statement.
It advised users to be extra-careful of suspicious attachments, especially those including password reset requests. Legitimate websites will not send an attachment for resetting a password, it said.
Source: NZ Herald
Life & Style blogs
Britain's kitchens so filthy that they present a health risk, says new research
How to turn off/stop 'seen by' on Facebook: Disable it to make your chats seem less passive aggressive
KickassTorrents down: new Isle of Man domain taken offline just hours after launch
Company breaks open Apple Watch to discover what it says is 'planned obsolescence'
The confessions of men who ordered mail-order brides
The sickening truth about food banks that the Tories don't want you to know
Migrant boat disaster: Ukip candidate mocks victims in sickening Twitter post
Nigel Farage wants the BBC to stop making programmes like Doctor Who, Strictly Come Dancing, and Top Gear
Global warming: Scientists say temperatures could rise by 6C by 2100 and call for action ahead of UN meeting in Paris
Rupert Murdoch berated Sun journalists for not doing enough to attack Ed Miliband and stop him winning the general election
General Election 2015: Britain would become a 'communist dictatorship' under Ed Miliband and Nicola Sturgeon, claims wife of Michael Gove
- 1 Student jailed for hacking University of Birmingham computers to improve his grades
- 2 Smartphones are making children borderline autistic, says psychiatrist
- 3 Company breaks open Apple Watch to discover what it says is 'planned obsolescence'
- 4 Teaching profession headed for crisis as numbers continue to drop and working lives become 'unbearable'
- 5 The most powerful passports in the world
iJobs Gadgets & Tech
£70000 - £90000 per annum + bonus + car allowance + benefits: Ashdown Group: H...
£28000 - £32000 per annum + Excellent benefits: Ashdown Group: Application Sup...
£28000 - £32000 per annum + Excellent benefits: Ashdown Group: Systems Analyst...
£40000 - £48000 per annum + bonus and benefits: Ashdown Group: European Recrui...