Howdy FaceBook, I’m back.
I recently re-established my Facebook page to reconnect with friends and stay in contact with family. I didn’t have the account open for 2 weeks when I constantly saw posts about “Hackers will break into your account” or ” A hacker named Christopher Rosenqueist ate my Monitor”, and other nonsensical items that seemed to be scaring people into commenting or sharing it.
I quickly posted SocialMediaSecurity‘s “Facebook Privacy and Security Guide” to attempt to help my some of my non technical friends and family. I also tried to stop the spread by commenting with factual information.
These “Hackerz stole my life” posts seem to be a version of Fear Uncertainty and Doubt. (FUD). By posting or sharing unverified “hacker” claims, FUD is being caused and propagates itself through the system. Scaring people into spreading false information. Crying Wolf, that’s what these posts are. Stop and think, do you even care or notice when a car alarm goes off? Nope. Why? Its screaming for help. “I’m being broken into!!!!” Enough false alarms and no one listens.
Update: “crying wolf” may be a bad analogy. I understand most people are posting with sincere intentions and trying to help others.
Why are you boring me with this?
I wont any further, instead I will offer some of my tips to make your Facebook experience free from “Hackers”
1. Follow this guide.
2. Take ownership of the information, don’t just spread it. If you see something that seems scary, use google, or ask your friendly Security professional/ IT Guy. Learning how to spot these will allow you to help yourself and others.
3. Take ownership of your account. Follow good password guidelines. AND DO NOT REUSE PASSWORDS, if your FB password is the same as your banking password, and your etrade account, and your email account, and… then guess what? If a criminal gets one, you gave him keys to the castle. Have “fifty Million” passwords, and can’t manage them? So does everyone else, stop fighting it and let a password management program do it for you.
I tried to keep this short and to the point. If you have any questions or need help with any of the programs listed. Please contact me.
Update 2. Here is the FBI’s take on this.
TECHNIQUES USED BY FRAUDSTERS ON SOCIAL NETWORKING SITES
Fraudsters continue to hijack accounts on social networking sites and spread malicious software by using various techniques. One technique involves the use of spam to promote phishing sites, claiming there has been a violation of the terms of agreement or some other type of issue which needs to be resolved. Other spam entices users to download an application or view a video. Some spam appears to be sent from users’ “friends”, giving the perception of being legitimate. Once the user responds to the phishing site, downloads the application, or clicks on the video link, their computer, telephone or other digital device becomes infected.
Another technique used by fraudsters involves applications advertised on social networking sites, which appear legitimate; however, some of these applications install malicious code or rogue anti-virus software. Other malicious software gives the fraudsters access to your profile and personal information. These programs will automatically send messages to your “friends” list, instructing them to download the new application too.
Infected users are often unknowingly spreading additional malware by having infected websites posted on their webpage without their knowledge. Friends are then more apt to click on these sites since they appear to be endorsed by their contacts.
Tips on avoiding these tactics:
- Adjust website privacy settings. Some networking sites have provided useful options to assist in adjusting these settings to help protect your identity.
- Be selective of your friends. Once selected, your “friends” can access any information marked as “viewable by all friends.”
- You can select those who have “limited” access to your profile. This is for those whom you do not wish to give full friend status to or with whom you feel uncomfortable sharing personal information.
- Disable options and then open them one by one such as texting and photo sharing capabilities. Users should consider how they want to use the social networking site. If it is only to keep in touch with people then perhaps it would be better to turn off the extra options which will not be used.
- Be careful what you click on. Just because someone posts a link or video to their “wall” does not mean it is safe.
Those interested in becoming a user of a social networking site and/or current users are recommended to familiarize themselves with the site’s policies and procedures before encountering such a problem.
Each social networking site may have different procedures on how to handle a hijacked or infected account; therefore, you may want to reference their help or FAQ page for instructions.
Individuals who experienced such incidents are encouraged to file a complaint at www.IC3.gov reporting the incident.
[...] FB F.U.D. Howdy FaceBook, I’m back. – l-lacker – Cory Kennedy [...]