Tech Geek and More

Technology Explained for All

Sponsor Ad IDrive Remote Backup

Tag Archives: Facebook alert

Alert: 2 New Facebook Scams (July 2011)

facebook  One of the most common tricks the bad guys use to trick people into infecting their computers involve using current events. Since the beginning of the internet “Social Engineering” has always been the easiest way to get around any pc security.

     We have 2 new tricks making the rounds on Facebook.

1st Scam –

     Just a few days ago Facebook announced a new feature (that will be coming soon) allowing Facebook users the ability to do Video chat (http://articles NULL.cnn NULL.com/2011-07-06/tech/facebook NULL.announcement_1_mark-zuckerberg-facebook-spokeswoman-facebook-users?_s=PM:TECH) with others on your Facebook list.  Security firm SOPHOS is now reporting that the bad guys have started using that announcement to trick Facebook users into infecting their machines (LINK) http://nakedsecurity.sophos.com/2011/07/08/facebook-scammers-spread-app-pretending-to-be-video-calling/ (http://nakedsecurity NULL.sophos NULL.com/2011/07/08/facebook-scammers-spread-app-pretending-to-be-video-calling/) 

     The FAKE app will show on someone who has already been tricked into clicking the link. The idea being that if you see if the link on the page of someone you know, “then it must be safe”. If you happen to click on the link from someone “someone you know”, then the link appears on your page and the cycle continues. 

fbvidscam3-500

If you see a wall post referencing "Enable video calls.", don’t click it! Send your friend a message that they have been tricked.

     Keep in mind 2 things, (1) The Facebook Video chat will not be released as an add-on app on Facebook, It will be built directly into the site. (2) It isn’t out for general public use yet.

2nd Scam –

     With the Not Guilty verdict in the Casey Anthony verdict causing so many emotions within the general public, the bad guys have figured that emotion will override common sense.

     As SOPHOS is reporting (LINK) http://nakedsecurity.sophos.com/2011/07/10/leaked-video-of-casey-anthony-confessing-facebook-scam-spreads-quickly/ (http://nakedsecurity NULL.sophos NULL.com/2011/07/10/leaked-video-of-casey-anthony-confessing-facebook-scam-spreads-quickly/) , there is now a FAKE story showing up in posts claiming to be a confession video.

casey-anthony-1 

     For those who wonder why would anyone bother to do this there is a simple answer, MONEY…….

Because you’ll ultimately be taken to a page which pretends to be YouTube, but is really designed to trick you into taking a survey that earns commission for the scammers.

casey-anthony-3

     The page you will be taken to is FAKE and of course before you can see a video THAT DOESN’T EXIST, you need to fill out a survey.  In addition, if you click on the link, it will then appear on your wall and in your likes, with the hope that your FB friends will click see them and click on the links from you.

———————————————————————-

     As always, here are a few reminders

1 – Do your “homework” before clicking on links, even if they appear on the Facebook page of someone you know. Please understand, JUST BECAUSE ITS LISTED ON THE INTERNET, DOES NOT MEAN THAT IT’S TRUE

2 – Make sure you are updating your pc software. That includes Windows/Office Updates, Mac Updates (Yes Mac is starting to get the attention of the bad guys), in addition to Adobe Software Updates (Acrobat, Flash), Oracle Software Updates (JAVA), Your Antivirus maker software (you should be running something, a number of free choices, so there is no excuse), and your Anti-malware software (Superantispyware, Malwarebytes, etc.)…..

Alert: Another version of the “See who is looking at your profile” scam on Facebook

facebook In todays edition of Facebook scams to watch out for, is a new version of the “See who is looking at your profile” scam.  In the past, you would find messages like the following on your friends profiles….

image

If you clicked on the link, you risked compromising your Facebook account.  Seems the average user has hear of this enough that those who try and use this scam have now changed tactics…..

This one just came to my attention a short time ago.  Where someone on my list was tagged in pictures

image

As you can see the 3 pictures appear to be completely random.  If you place your cursor over any of the pictures you see the “LOL!! Me cant believe that you can see who is viewing your profile!…………”

If you were to click on any of the pictures, they will open in the Facebook picture viewer and at the bottom of the picture you will again see the message.

image

So lets go over this again.  If you see a message in Facebook that talks about “See who checks your profile” or anything even remotely like that.

 

DO NOT CLICK IT!!!!!

 

It is a scam, at minimum it will add messages to your profile that you don’t authorize, and at worst, it can compromise your Facebook account, allow for malicious use of your account and could even install other non-Facebook related malware/viruses on your pc.

Facebook does not allow in its terms of service for anyone to be able to give you the “see who checks your profile” information.  If anyone person or company says they can help you see that, THEY ARE LYING / IT’S A SCAM.

Facebook: Another scam alert – Fake Charlie Sheen Video scam

facebook (From the register)

(http://www NULL.theregister NULL.co NULL.uk/2011/03/07/charlie_sheen_facebook_scam/)

Charlie Sheen fake filth flick powers Facebook survey scam • The Register (http://www NULL.theregister NULL.co NULL.uk/2011/03/07/charlie_sheen_facebook_scam/)

www.theregister.co.uk (http://www NULL.theregister NULL.co NULL.uk)

Scammers have exploited actor Charlie Sheen’s increasingly bizarre antics as a lure for the latest in a long line of survey scams on Facebook.

**********************************************************************************************************

Tech Geek and More Note

As always scammers are looking to use human curiosity against you.  The want for the “latest train wreak”  is now and has always been one of the best ways for a bad guy to be trick you into falling for his/her trap.

Remember -

  • Keep your AV updated
  • Make sure you have a Spyware program or 2 installed on your pc. I recommend having both superantispyware and malwarebytes installed on your pc. You can find both at www.ninite.com (http://www NULL.ninite NULL.com) (Listed about mid-page, and both are free, even though both may ask you if you want to upgrade to pay versions.  The free versions are more than enough)
  • Always make sure they you update not only your Windows Install and Office install by going to Windows update in Control Panel (Vista and Win 7) or by Going to (LINK) http://update.microsoft.com/windowsupdate/v6/default.aspx?ln=en-us which is the Microsoft Updates page (Win XP and earlier) (http://update NULL.microsoft NULL.com/windowsupdate/v6/default NULL.aspx?ln=en-us)
  • DO NOT CLICK ON ANY link that you were not expecting, even if it appears to come from someone you know.  (This is the Red Riding Hood theory. )

Alert: Another Facebook Rogue app to look out for

facebook The rogue Facebook apps continue.  This time the warning is about an app labeled as haha or hahatoyourself.  It will appear on a page of someone you know, and may even include a direct message to you saying

Heyy (insert your name here), what are you doing in this video? LOL Embarrassing!

The scam may also list as

Look at you HaHa!

and look like a video post.

image

In both cases, DO NOT CLICK ON THE LINK, the links will attempt to install a rogue app on to your account.  If you have clicked on the links already, you will want to do the following

- Remove the posts from your account

- Check the allowed 3rd party applications

You really need to check and see what 3rd party applications have access to your Facebook account. There are many apps in Facebook that people find useful, at the same time, many other Facebook apps are just there to steal your data, or use your account in ways that you don’t want.

To check your Privacy settings for 3rd party apps, click on account (on the top right of Facebook) and then click on Privacy settings.

image

  • Now (in the lower left corner) select Apps and websites, where it says “Edit your settings”

image

  • This will take you to the Apps and Websites page where you should remove any app that you either do NOT recognize or that you no longer use

image

- *Run a full scan on your pc with Malwarebytes or SuperAntiSpyware to check your pc.

  • If you need to download either you can download them from www.ninite.com (http://www NULL.ninite NULL.com)

- *Run a full scan on your pc with your Antivirus Software.

  • If you don’t currently have an active Antivirus program, you can download a FREE Antivirus program from www.ninite.com (http://www NULL.ninite NULL.com).  (Tech Geek and More recommends Microsoft Security Essentials) If you have an old Antivirus program that is expired, you should remove it prior to installing the new Antivirus software.

(*Make sure you update the program prior to running it)

Alert: Facebook Scam to look out for – “See who viewed your profile”

facebook I ran across another (of the many) Facebook scam this week.  A friend had a post listing the iknow_extension this weekend.  The app is one of many floating around Facebookland all claiming that they can help a user see who have been “looking at your page”.

image

At the core, all these scam apps are the same, they prey on the unsuspecting who are not technologically knowledgeable. Some of the variations of catch line that I’ve seen are

  • Awesome! you can finally find out who has looked at your page
  • OMG… I cant believe this actually works! Now you really can see who viewed your profile!
  • Check out who has blocked you on Facebook

of course there are many more than these.

In all cases, it plays into the human curiosity factor, using social engineering to trick the user into infecting there machines.  One thing that everyone should be aware of, is that even if it was possible to create an app for the purposes of seeing who has looked at your page, such an app would be completely against the Facebook privacy policy.

In cases like the “iknow” app, it will lead you to a page with an “allow” function that will do 2 things, add itself into your Facebook profile, with the specific purpose of being able to then control your profile so that it can continue to spread itself (Like a bad disease), and also then tell you that you need to “download” a file to activate the app.  That download in fact being the master malware that will then infect and control your pc (I refer to it as the gatekeeper, as this malware you download in fact just handles what your pc does, so that it can continue to download more and more on your machine.  In the same way of what would happen if you gave a burglar the keys to your home, and he was just there to open the door so others can steal from your house).

If you do (or have fallen for these) scams, the 1st thing you need to do is go into the Applications and plugins area in Facebook to remove the rogue app from being allowed access to your account.  You do that by doing the following

Application and Plugins (http://www NULL.facebook NULL.com/help/?page=25)General Application Support: Adding, displaying, and removing applications (http://www NULL.facebook NULL.com/help/?page=964)

How do I remove or delete an application from my account?

You can remove an application you have allowed from the Applications Y…

You can remove an application you have allowed from the Applications You Use (http://www NULL.facebook NULL.com/settings/?tab=applications) page. To get to that page, follow these steps:

  1. Go to the Privacy Settings (http://www NULL.facebook NULL.com/settings/?tab=privacy) page from the “Account” drop-down menu located at the top of any page on Facebook.
  2. Click the “Edit your settings” link under the Applications and Websites section towards the bottom of the page.
  3. Click on the application you’d like to remove. If you don’t see the application listed, you can find it by clicking the Edit Settings button towards the top right-hand side of the page.
  4. You’ll then see an expanded view of your settings for that application. From here, you can click the “Remove application” link. Once you confirm you’d like to remove the application, it will no longer have access to your data and be removed from your profile, bookmarks, and your Applications and Games Dashboards.

Once you have done that, the next step is reviewing your Facebook posts and removing any posts created by the “rogue” application.  That is as a courtesy, so that others don’t fall for it from your posts.

Lastly – I recommend downloading the following applications, and running a full scan with each application (one at a time) on your pc.

  • Superantispyware
  • Malwarebytes

My suggestion for the simplest way of downloading and installing these 2 apps is by visiting www.ninite.com (http://www NULL.ninite NULL.com) and selecting them (about 1/2 of the page down).  Ninite will not only download the apps on to your pc, but also handle the installation of the apps on your pc.

Remember that before running either of the apps, you should find the update tab on each and make sure that the app is updated to the latest definitions.  Once each app finishes its “full scan”, clean out whatever each finds, and then reboot and run both apps again.  (I know this sounds like a pain) You want to reboot and rerun both apps to make sure that nothing was left behind.

If your scans come up clean, then you should be ok.  Until the next adventure in technology (at least)

Google Ads