Sweet!! Yourr bootyy look awseome on thiss ivdeo!
Gee Thanks! I’ve been working out! …..oh wait a minute! What video??? CLICK!!!!
That was probably the script the culprit had in mind …and who knows how many times it played out.
I received the following message in my email inbox earlier from a cousin on Facebook.
It was so obviously malicious. Never mind the spelling issues. That is a trick typically used to get by email filters. My first reaction was to log in to Facebook and verify that it was indeed the source. I was reminded of an article I read about a similar fake LinkedIN email attack. In this case, the message was right there with a slight difference. The link now was more obvious.
One of those shortened bit.ly links that could lead you anyway. Without clicking the link, I clicked “reply” asking ” Did you send this?” . I already knew the answer but hey! I immediately got the following response from one of the sender’s friends.
The plot thickens…
I sent the cousin a message advising a change of Facebook credentials. The message was apparently sent to many other users. I’ve read and blogged about compromised Facebook account being used to spread malware and/or lure users to malicious sites but this is my first such experience. I’m not the average Facebook user though, since I only use it to cross-post blog updates. I didn’t have to time to investigate what’s on the other side of that bit.ly link but just thought I’d share the experience.
Beware fellow Facebook users!
|
William J McBorrough is a Security Expert with many years of success Managing, Designing, and Implementing medium and large enterprise Physical and Information Technology Security Solutions. His experience spans the spectrum from small e-commerce start-ups to multi-campus state and federal agencies to global financial sector organizations. He is on the faculty of various universities including University of Maryland University College, EC-Council University, George Mason University and Northern Virginia Community College where he conducts research and teach graduate and undergraduate courses relating to cybersecurity, cybercrime, cyberterrorism, and information security and assurance. He holds a Bachelors of Science in Computing Engineering with a concentration in digital networks and a Masters of Science in Information Security and Assurance. He is a Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified in Risk Information System Control (CRISC), and Certified Ethical Hacker (CEH).He is well versed in personnel, systems and network security risk management. His core competencies include Developing cost effective solutions to enable mission assurance in the following areas: Enterprise Risk Management, IT Governance, Security Organization Development, Information Security and Assurance
|
Related posts:
- Brevity is the soul of…..getting yourself infected with all kinds of nasties!
Would you click on the link : http://www.click-here-to-give-me-access-to-all-your-computer-files.com? No? How about http://www.bit.ly/12345? Not so threatening, is it? Yet, those two links could just as easily take you to the same... - Alert your connections if your Social Networking Account get compromised
Social Network attacks are becoming more popular as daily we receive news of accounts being compromised or credentials stolen and sold. What do you do when you find yourself fallen... - Fake virus alert spreads massively across Facebook
Panda Security has released the following advisory: In the last 24 hours, PandaLabs has detected the massive propagation among Facebook users of a fake virus alert. The truth is, this... - Facebook to share your information with other sites
Facebook users are expressing strong disapproval of proposed privacy changes will let the site share some user information with third-party Web sites and applications. Have you added your voice? These...