Facebook spam
In the realm of Web 2.0 we see a prevalance of information sharing, especially in social-networking sites such as MySpace and Facebook. While there is nothing wrong with information sharing, there have been many concerns about privacy, productivity at work and a new platform for threats.
How is using Facebook a threat you may ask? Many people do not realize that their profile may be too “open”, allowing unintended people to view their profile. Unless you specifically choose not to allow strangers to contact you, you are susceptible to receive messages and wall posts. This means you can get those annoying spam messages about buying penis pills, fake Rolex watches or even worse, scam messages attempting to get your money.
See our article on Facebook best practices on how to protect your Facebook account.
Spammers typically target mediums which require the least amount of money (i.e. sites that are free to sign up). In order to send or post messages on Facebook, you must register a free account. This can be a tedious job for a spammer to do all day, and is potentially traceable by the IT staff at the target website. Spammers have now collaborated with, or started becoming malware authors. They will use or write a program such as Troj/Noreger-A (see below) to automatically register accounts on Facebook for the purpose of account exploitation.
What this means is that you should better screen users claiming to be your friends and don’t fall prey to spam messages.
Posted on June 5th, 2008 by Colin Louie, SophosLabs CAFiled under: Malware, Spam
Sophos beta program - Register now for our latest beta trials
Related posts
- Video: Change your date of birth on Facebook - right now
- From Server/Outlook update to FDIC to facebook phish: now with a twist
- Fake Facebook e-mail “Subject: updated account agreement”
- Make the Sophos Spam Pledge - as spam email turns 30 years old
- BBC Watchdog steals Facebook identities, and Sophos’s idea!
