
Monday, December 21, 2009

Facebook survival guide for awkward adults


By Daniel Harrison, contributor

What you need to know to avoid embarrassing your kids (and yourself)

Introduction

Thirty-five percent of adults would like to know 25 stupid things about you. Actually, that's an overstatement, but 35 percent of your peers are actually using the sort of sites where that nonsense occurs.

That's right, Pew Internet Research tells us 35 percent of grown-ups (defined as anyone between the ages of 18 and dead) are now using social networking sites. Of course that doesn't mean they're necessarily on Facebook. They might be on LinkedIn (a business social networking site) or MySpace (for musicians and goth tweens), or maybe they're on Friendster. (Just kidding; no one's on Friendster.)

Still, the fastest growing group on Facebook is infamously the 35-54-year-old segment. And since grown-ups have quadrupled their likelihood of using these sites in the last four years, you might find this orientation guide to Facebook useful.


So, uh, what is it?


Facebook is what we're calling a "social networking site," which means they don't have to create content, just post what your friends write. That, however, is not actually as bad as it sounds.

What it really means is they let you create a profile, invite some "friends" to view it, and post countless precious updates so people know you're alive and doing junk. You can also use it to send e-mail-like messages or to raise your blood pressure while trying to use their simply awful IM.

Mark Zuckerberg created Facebook to let college students find each other after parties. Then he saw a bazillion monetizable eyeballs outside and decided to throw the doors open. Now with all those eyeballs, a cadre of advertisers using his system to reach them, and a percentage off the top, all he has to do is tart it up to look like Twitter (apparently).

Anyway, it's fun! The two tricks to getting along well on Facebook are, don't trust anything, and if you want to remain hip, don't try so hard. Preserve that hard-won dignity you earned by surviving puberty, the prom, and possibly parenthood.


Getting started: Your picture


When you set up a profile, Facebook suggests you choose a picture to represent yourself. As with anything, your choices here can reveal some truths you would have preferred stayed hidden.

For instance, if you're not an actor or model, use a glamour shot at your own peril. You don't look reflective, brooding or perky. You look like a narcissistic jerk. Sincerity is (always) hipper than hair gel, you smug peacock.

Second, college is over and no one's buying it! You got fatter; hair migrated; and drinking caught up. What do you think happened to us, for crying out loud? Let it go. Time forces what we might euphemistically call "the mantle of wisdom" upon us all; how gracefully you accept it is up to you. In short, don't lead with a picture of yourself that's older than Facebook.


Your picture, again


Since you've probably already screwed this up - there being so many ways to do so - your best bet is just to get a snapshot Simpsonized or Obama-ated and go with that.

Listen, your kids are adorable, and while we're at it, let's extend the fiction to say we're glad you finally got someone to marry you.

Nevertheless, those crowning achievements do not belong in your profile picture. Nor, by the way, does a picture of a dog (unless, that is, you really are a dog, in which case, congrats on getting online. That's impressive! Good dog!)

Here are the rules: Kiddie pics go in your gallery (we love to see them) and spouse pics go in the gallery or on their own Facebook accounts. If your spouse isn't on Facebook, maybe he or she just isn't that into you and your annoying friends. Just saying.


Accepting 'friends'

Welcome to the firing line! People who have been on Facebook for over a month inevitably find themselves asking, "who are all these 'friends,' and, what on Earth was I thinking?"

The moment you sign up, people will find you and ask you to be "friends." They want to pester you with fake flowers for a garden you don't actually have. Scientists will puzzle over this for decades to come. If these potential "friends" aren't, you know, actual friends you might want to talk to on the phone, you should probably pass.

Simply put, the more "friends" you have, the more nonsense will scud up your inbox. If you don't care about the jerky details of Jerkwad's summer "vacay," don't make Jerkwad a friend. Besides, you don't have to accept or reject "friend requests" as soon as you get them. Wait until the requester does something useful like hit the lotto.


Nothing stays in Vegas - nothing!


You'll probably end up being Facebook friends with real friends, people you dislike, workmates who can't take a hint, and God only knows who else. As this dude dressed as a fairy found out, the hard way, some of your "friends" are "friends" with people you are hiding stuff from.

If your jackass freshman roommate somehow got to be buds with your boss and put up a picture of you at a party when you were supposed to be home sick, you're hosed.

Worse yet, if said ex-roomie goes ahead and uploads that picture of you and the mule from spring break '98, and then tags you in it (for the love of Pete), all your friends get a look. Why did you make that dude a friend anyway? We talked about this.

It's theoretically possible to set your privacy settings up so none of this happens, but honestly, you're probably not smart enough.


Updates: Stay classy, San Diego

You don't have to simply suffer other people's inane updates. (Bob loves pie? Thanks for the breaking news, Bob. I'm going to write that down for future reference.) No, you can also tell your friends all the dull stuff in your own life.

Some might find your updates offensive. The cautionary tale here is one about a guy who stabbed his wife to death when she changed her status to "single." Facebook takes unfair blame for this, though. It's like blaming Nokia after calling your boss between the third and fourth rounds of shooters to tell him where he can shove his snooty attitude. Still, if your friends are crackerjack insane, don't provoke them. P.S., that's true offline as well.

Meanwhile, some announcements aren't really fit for a broadcast medium. Are you getting divorced? Should some of your acquaintances visit a public clinic soonish? If so, that's news you take door-to-door before putting it on Facebook. Your sainted Grandma never threw wide the shutters and bellowed, "What up haters? I'm pregnant!" to the assembled townfolk, now did she? Use some judgment -- it's the Internet, not a barnyard.


Comments


Mostly comments are fun. You or a friend posts a status update and people crack wise or express sympathy or whatever. Community ensues and everybody avoids doing any work for another couple of minutes.

However, be aware that some people have way too many friends. Commenting on their status means you'll be alerted whenever their friends comment after you.

While that would be okay if your friends have chosen their friends on the basis of wit and insight, they most likely have not. In a sufficiently large population, 50 percent of everyone is below average. And now you have to listen to them sound off.


Applications

There is nothing funny to say about Facebook applications.

Applications are part and parcel of the platform that Mark Zuckerberg put at the disposal of his ad-men friends. Anyone can build a tiny program that operates on the Facebook platform, and so they have.

Some allow you to do soundly important stuff like play a fakey stock market, or challenge friends to games of Scrabble. Others let you tend pretend gardens, take endless quizzes about the 80s, or give each other fake beers. Now you've got a fake beer with a real craving chaser. Yay! Nobody wins!

Most importantly though, applications provide value to their creators in direct proportion to how many people use them. Consequently, they'll do their best to trick you into inviting all your friends to install them. And when you install them, there's a good chance they'll steal your saleable data, so that's nice.

To recap: Applications are irritating; you get them from your friends. And they're easy to spread inadvertently. This is how venereal diseases roll, too. So there's that.


Groups


Groups are some advanced Facebooking material and you should probably just forget about using them. Like anything, they can be useful if used well. In practice though, they generally suck. If you are fanatical about stuff like chalupas or Marilyn Manson's inexcusable absence from "Guitar Hero," or if the strength of your conviction that cancer is bad is enough to make you click a button, then groups may be for you.

However, unless you POSITIVELY KNOW that your friends feel the same way, leave us out of it.

Don't presume just because a digital Teddy bear was enough to get you interested in curing malaria that we're equally shallow. Or maybe a unicorn already cajoled us into raising awareness of Type 1 Diabetes and we've got scant time left for your fluffy bear and its impositions concerning our favorite diseases.


Contributor Daniel Harrison thanks Facebook pros Michael Thomas and Emma Patrash for aid in helping him avoid embarrassing himself here, like he's doing right now on Twitter.

from: http://www.msnbc.msn.com/id/29555198/ns/technology_and_science-tech_and_gadgets?pg=4#Tech_FacebookGrownups

Monday, November 30, 2009

Ten practical tips in the wake of the latest Facebook phishing attack

Tuesday, 19 May 2009 10:34

Tips help Internet users against Cybercrime

Kaspersky Lab has responded to the latest phishing attack on Facebook with ten practical tips for all users of the Internet on how to stay safe online from the threat of Cybercrime. The Internet security vendor advises that malicious code distributed via social networking sites is 10 times more effective, in terms of successful infection, than malware spread via email.

On the 15th of May Facebook was hit by another phishing attack (a tactic designed by Cybercriminals to steal a person’s identity, gather personal data and use this to defraud the victim of their money).

Eddy Willems, security evangelist of Kaspersky Lab Benelux explains: “Given the phenomenal success of Facebook, Hyves, Twitter and other popular social networking sites, it should come as no surprise that it has attracted the ongoing attentions of Cybercriminals and the threat shows no signs of abating. Phishing scams succeed by luring in their victims under the pretence of something that at first glance may appear legitimate. Remaining vigilant and taking the right precautions is the key to not falling into their trap.”

Malicious code distributed via social networking sites is suggested to be 10 times more effective in terms of successful infection than malware spread via email. Internet users are far more likely to click on a link received from a trusted friend than on a link in a random spam message. Kaspersky Lab has recently seen a massive increase in phishing attacks on the Facebook login page. Cybercriminals have been using the site’s internal message system to send short messages that direct visitors to a website purposely designed to clone Facebook’s log-in screen.

Kaspersky Lab’s top ten tips for protecting against phishing attacks

1. For sites such as Facebook create a bookmark for the login page, or type the URL directly into the browser address bar;
2. Don’t click on links in e-mail messages;
3. Only type in confidential data on a secure web site;
4. Check your bank account(s) regularly and report anything suspicious to your bank;
5. Look for giveaway signs of phishing e-mails:
- if it’s not addressed to you personally;
- if you’re not the only recipient;
- if there are spelling mistakes, poor grammar or syntax, or other clumsy use of language.
6. Install Internet security software and keep anti-virus updated;
7. Install security patches;
8. Be wary of unsolicited e-mail or IM messages;
9. Be careful about logging in with Administrator rights;
10. Backup your data.

Willems provides a final word of warning: “High profile reports of scams such as the latest Facebook attempt raise awareness of the risk of Cybercrime, but it is important to make clear that it is not an isolated incident as we are detecting over 17,000 new Internet threats every day.”

For the latest on anti-virus, anti-spyware, anti-spam and other IT security issues and trends, please visit www.viruslist.com or www.threatpost.com.

from: http://www.kasperskylab.nl/en/press-releases/ten-practical-tips-in-the-wake-of-the-latest-facebook-phishing-attack.html

Unstoppable new phishing attacks blanket Facebook, Twitter, Hotmail

Posted on October 28, 2009 | 3 comments

How quaint seem the days when naïve hacker wannabes phished PayPal logons, then posted them on IRC chat channels, to try to make a few bucks — but mostly for bragging rights. That was circa 2002-2003.

Fast forward to the present. At this moment, Facebook is being blanketed by two high-volume email phishing campaigns.

These are serious, money-making drives that leverage PCs infected in previous attacks. While the perpetrators get rich, they also lay groundwork assuring future attacks.

This new breed of multi-purpose, continually-expanding phishing campaign is also inundating Twitter – nearly to atrophy. Twitter is at a loss as to how to effectively deal with hordes of hacked Twitter account holders stampeding to change their passwords.

Meanwhile, Hotmail, Gmail, YahooMail and AOL mail are under siege, as well. Phishing attacks to trick legit users into giving up their log-on credentials have become so routine that newbie hackers can pull them off with ease, using free tool kits; some of these newbie phishers are so fresh-faced that they feel compelled to brag about their new-found skills to the British press.

But make no mistake: phishing has evolved into a very serious, lucrative criminal industry. After a lull earlier this year, phishing levels spiked 200% between May and September, according to IBM X-Force.

Phishing for financial account log-ons, common for nearly a decade, continues. By now, most Web users know enough to avoid them. However, in the ever-evolving calculus of cybercrime, the username and password to your non-financial Web accounts — especially Hotmail, Facebook, Twitter, Gmail, YahooMail and AOL mail — have emerged as white hot commodities.

“These log-ons can be used to accomplish a number of tasks,” says Sam Masiello, threat researcher at McAfee’s MXLogic messaging security section. “A user’s login information could potentially lead to a gold mine.”

Unstoppable campaigns

The ongoing Facebook attacks vividly illustrate what’s going on at the cutting edge. Two top botnet gangs are bombarding Facebook members with targeted phishing emails to get control of their Facebook accounts.

There is nothing Facebook can do directly — beyond warning its members — to slow down these attacks. “This virus has been spreading over email, not on Facebook,” says Facebook spokesman Simon Axten. “We’re educating users on how to detect this through the Facebook Security Page.”

In this ongoing attack, the bad guys are directing an army of computers they’ve previously infected to systematically send out targeted email messages, like the one shown below, to millions of Facebook members.

The messages advise recipients to click “here” to activate a “new login system that will affect all Facebook users.” This takes the victim to a mocked-up Facebook log-in page, shown below, with the victim’s email address already filled in, but the password blank. Typing your password, of course, gives up full access to your Facebook account to the crooks.

But they aren’t done yet.

Another prompt, shown below, then appears advising you to download an “update tool,” which actually installs the ZeuS banking Trojan, which lurks on your hard drive waiting for a chance to steal your online banking log-ons the next time you type them.

As of this morning, messaging security firm AppRiver had counted 41 different Web domains sending out 600 of these targeted phishing emails per minute. “We have seen around 6 million pieces of email so far this morning,” says Fred Touchette, senior analyst at messaging security firm AppRiver.

At its peak yesterday, about 1,000 viral emails per minute were being pushed out, he says. “This was a two-pronged attack,” says Touchette. “The first purpose was to phish Facebook accounts, and the second was to attempt to deliver a Trojan onto the victim’s machine.”

The Trojan installed was none other than ZeuS, the uber popular banking Trojan that can be customized to do everything from stealing account log-ons to specific banks, to automating man-in-the-middle attacks that stealthily extract funds while the real account user is logged on. See LastWatchdog’s investigative report on A-Z, the rich young creator of ZeuS, who presumably continues to earn royalties for his masterpiece.

This same group of phishers has tried variations of this type of phishing attack — with lures purporting to come from the IRS, the HMRC and a banking consolidation service in the UK called One Account. The phishers’ main goal is to “intercept financial account information,” says Touchette.

Bredolab wormhole

The other big, ongoing Facebook phishing campaign began on Monday, 26OCT2009, around noon Pacific time, says Jamie Tomasello, abuse operations manager for messaging security firm Cloudmark.

These emails purport to come from support@facebook.com, and contain a zip file said to hold the recipient’s new password, recently changed for security reasons by Facebook.

This simple ruse is fooling many smart, computer-savvy people. Cloudmark has found evidence of Facebook members actually going into their junk mail folders to retrieve these viral messages, then clicking on the infectious zip file. This installs the Bredolab Trojan downloader, a versatile little program that works like a wormhole into the PC’s hard drive.

The thought of a tech-savvy Facebook user grabbing a viral email out of a junk mail folder and clicking on a viral zip file must have the attackers joyous.

“People are very addicted to their Facebook accounts. They are so accustomed to communicating frequently and rapidly all the time,” says Tomasello. “They are aware of all the attacks, and are concerned about them. Yet many of them believe this is a legitimate security message from Facebook that got inadvertently sent to their junk mail folder.”

Unlike the attackers spreading ZeuS infections, the Bredolab campaigners do not try to first get the recipient to type in his or her password. As shown below, this criminal gang cut right to the quick and asks you to download a zip file that installs the Bredolab wormhole, according to security firm M86.

One of the first programs the attackers download through the wormhole is a botnet management program that enlists the PC into the infamous PushDo botnet, one of the most prolific distributors of pharm spam, says Bradley Anstis, Vice President of Technical Strategy at M86 Security.

By installing the wormhole and botnet agent up front, the attackers quickly gain the option to come back later and download a keystroke logger to grab any Web mail, social network or financial account log-ons.

In fact, researchers at VeriSign iDefense found evidence the bad guys followed up rather quickly to do just that. “The Bredolab downloader installed two additional Trojans — in this case, ZeuS and Glacial Dracon,” says Ryan Olson, Rapid Response Director at VeriSign iDefense.

“Both of these Trojans are designed to steal information as well as credentials for online banking Web sites,” Olson continues. “In the end, the goal of these attacks is usually financially motivated - and the market for online banking credentials is relatively lucrative.”

Virgin accounts

In the evolving cyberunderground, valid Web mail and social network accounts are considered highly valuable “virgin” assets, useful for sending out viral e-mail messages likely to go unblocked by spam filters, Sophos researcher Beth Jones says.

Virgin Web mail or social network accounts can sell for as much as $2 - more than double what a stolen credit card account number fetches, says Fred Rica, principal at PricewaterhouseCoopers’ security practice.

Besides botting you and stealing all of your account log-ons, the bad guys can now also use your Web mail and social networks accounts to carry out a matrix of lucrative online capers, made all the easier if you use just one or a handful of the same passwords.

They can send out e-mails that appear to come from you to everyone in your address book to try to get them to divulge passwords. And they can scour your e-mail folders for clues to the social networks and online banks you use, then crack into those accounts - and change the passwords so only they can access them.

Part of this is because many online services require an e-mail address to set up a Web account. Meanwhile, replacement passwords are typically sent to that e-mail address - a perfect setup for a crook who is in control of the e-mail account, says Amichi Shulman, chief technical officer of security firm Imperva.

Entry-level cybercrime

The harvesting of virgin Web mail accounts has become a cornerstone of the cyberunderground, so much so that it has evolved into an entry-level cybercrime, says AppRiver analyst Touchette. Starter kits, complete with slick, ready-made faked log-on pages for each of the top Web mail services and social networks, are readily available - for free. A newbie phisher has only to supply a website on which to host the faked page and collect the stolen passwords.

This has become a widespread activity, one that is keeping the cyberunderground supplied with a new generation of scammers getting in on the ground floor. The crooks supplying the free tool kits have a stake in flushing out as many virgin accounts as possible. “Each account presents new opportunities to make money,” Touchette says.

Other attacks

The demand for virgin Web mail accounts has, in fact, become so robust that top-tier cybercrime gangs are going after them with other kinds of attacks as well. Some specialize in tainting legitimate Web pages, or corrupting search results, with imperceptible infections.

Clicking on the tainted Web page or corrupted search result can open a backdoor on the user’s PC, through which the attacker can install a program to steal keystrokes - especially those typed into a Web mail log-on form.

Another popular attack involves hacking into the databases of employment sites, shopping sites or any site that collects sensitive information, including valid e-mail addresses.

ScanSafe researcher Mary Landesman says she regularly finds caches of thousands of stolen Web mail log-ons stashed away in nooks and crannies of the Internet, often organized in a way that makes it clear an infection or database hack was used to harvest the data.

“Most disturbingly, we came across a cache of stolen credentials quite by accident posted in plain view on a now defunct website,” she says. “Presumably others could have found it as well.”

Twitter users can no longer change passwords

Yet the phishing ruses are arguably the quickest, cleanest way to steal log-ons to non-financial Web accounts.

Twitter is being swamped with simple email phishing ruses. The bad guys are also creating new Twitter accounts and stealing existing ones, then using them to send out viral microblogs — Tweets carrying infected Web links. Because these links are shortened, it’s impossible to tell a good link from a malicious one by looking at it. And Tweets move in real time, pushed out from multiple sources around the globe, viewable by anyone using the service at that moment. This characteristic imparts a veil of trustworthiness ripe for cyber criminals to take advantage of.

Many Twitter users whose accounts have been compromised via phishing attacks and malicious URLs circulating in Tweets change their passwords to maintain their existing accounts. But so many are doing that that Twitter can’t handle the avalanche of password change requests. Twitter has begun locking out password changes, and now advises users not to change their usernames and passwords.

Tomorrow, 29OCT2009, antivirus company Kaspersky plans to publicly unveil something called Krab Krawler, a tool it has been developing that’s designed to troll Twitter microblogs for malicious URLs and then add them to Kaspersky’s blacklist of malicious programs.

Meanwhile, variations of the phishing email attacks slamming Facebook messages are being aimed at other high-profile targets, with phishing ruses purporting to come from the IRS, FedEx, UPS and Her Majesty’s Revenue & Customs, to name a few. One that’s now in circulation, shown below, purports to come from the FDIC, and is also spreading the Bredolab wormhole.

M86’s forensic work reveals that the FDIC phishing attack is also the handiwork of the same Pushdo botnet gang behind the Facebook Bredolab phishing scam. Not at all surprising.

By Byron Acohido


3 Comments

  1. Just an update - Overnight we saw a retort of sorts from the Bredo botnet with their simple text, Facebook themed malware. This one once again uses the “password changed” ruse, and contains a malicious .Zip attachment.

    ZeuS, on the other hand, is still chugging along today, utilizing now 57 domains on which they host their malware. We have seen rates on some of these domains jump up to 1600/minute, on average across all domains. We are seeing roughly 50,000 of these messages every minute with over 7 million total piled up in our filters.

  2. Hi Byron, you might appreciate Tony Greenberg’s thoughts about trust in the IT world… at http://www.onlytimebuystrust.com/2009/10/24/only-time-buys-trust/
    Greetings from SF, X

  3. In reporting this story, some analysts referred to Bredolab as a “banking Trojan,” while Ryan Olson, of VeriSign iDefense, was insistent that Bredolab is, in fact, a “downloader Trojan.” I asked Ryan to reconcile. Here’s the exchange:

    LastWatchdog: What exactly is Bredolab?

    Olson: Bredolab is a Downloader Trojan. It’s primarily a gateway for other malware. The process occurs when an attacker installs a downloader Trojan to get a foothold on a system. Once the downloader is there, it contacts a command and control (C&C) server which tells it what additional malware it should download and install. This might be a banking Trojan like Zeus, a spam bot like Waledac, or maybe a Rogue anti-virus program. The key is, once a downloader is on the system, the attacker can install anything they choose! Most of the time, that is often multiple Trojans, not just one, which obviously leads to more issues.

    LastWatchdog: I could not find anything about the Glacial Dracon banking trojan. Can you send me some info on that one? Is it widespread or obscure? Is it similar to Zbot/ZeuS? What’s distinctive about it?

    Olson: As far as we can tell Glacial Dracon (GD) is not very widespread. The variants we’ve analyzed have primarily been targeting Spanish banks. It doesn’t really do anything special compared to other banking Trojans. GD steals POST requests and is capable of HTML injection, but that’s getting to be pretty standard. We’ve seen some C&C servers that both a GD Trojan and a ZeuS Trojan will report to, indicating that some attackers use both Trojans at once, or at least try them both out.

from: http://lastwatchdog.com/unstoppable-phishing-attacks-blanket-facebook-twitter/

More Phishing Scams Target Facebook

By Mark Huffman
ConsumerAffairs.com

November 4, 2009
Facebook users are being warned about another phishing scam. This one has the objective of tricking users into providing their email address and password, then hijacking it to make unauthorized posts.

For example, if a victim provides their login information, the virus executes a program that posts 25 messages on the walls of the user's friends. If the user tries to delete the wall posts, the program automatically posts more messages.

The victims are tricked into executing the virus by clicking on a link, preceded by the question, "Hi, is this you?"

It's not known if this latest scam is related to another phishing scheme that surfaced last week that appears to be more sinister in nature. It also tries to steal user names and passwords by claiming to be a message from Facebook about enhanced security. It purportedly takes users to a site where they can update their security.

However, victims who follow through with the scammers' request are in for a nasty surprise. They are prompted to download an "update tool" that, in reality, is the Zeus Trojan, malware that hackers use to steal bank account information.

Computer security experts have been following the progress of the Facebook phishing campaign and describe it as widespread. AppRiver said at one point it was tracking more than one thousand spam messages per minute per domain.

Because of the increase in phishing attacks launched through social networking sites, many companies are discouraging or prohibiting employees from visiting these sites at work. According to an October study commissioned by Robert Half Technology, an IT staffing company, 54 percent of U.S. companies have told employees to stay away from social networking sites like Twitter, Facebook, LinkedIn and MySpace while on the job.


Read more: http://www.consumeraffairs.com/news04/2009/11/facebook_scams.html#ixzz0YMXVbw89

Saturday, November 28, 2009

Phishing Attack Underway At Facebook. Don’t Sign In To Fbaction.net

by MG Siegler on April 29, 2009
We’ve received multiple tips of a new phishing attack that has broken out on Facebook. If you get an email message that looks to be from Facebook with the subject, “Hello,” and featuring the text below, don’t bother clicking on the link included. Doing so takes you to a site called fbaction.net that mimics the look of the main Facebook login page, hoping to get you to sign in. Naturally, if you do that, the site will have access to your account and can send out more of these messages to your friends.

The message body will apparently read something like this (with YOURFRIEND being replaced by the name of a friend of yours):

YOURFRIEND sent you a message.

Subject: Hello

“Visit http://www.facebook.com/l/4253f;http://fbaction.net/”

We’ve contacted Facebook about the situation to see what it is doing to remedy this. In the meantime, be on the lookout for any link related to fbaction.net.

Update: And it looks like “fbaction.net” is now the #2 hot trending search topic for all of Google Trends. This thing is apparently spreading quickly.

Update 2: Here’s what Facebook just told me about the attack:

We are aware of this phishing domain and have already begun to take action. Specifically, we have passed the domain on to Markmonitor who pushes the domain to the browsers for blacklisting. They will also actively try to disable the site at the server/domain level for people who don’t have updated browsers. Our user operations team has blocked the domain from being shared on Facebook and is removing the content retroactively from any messages. They will also be resetting passwords of senders to remove access from an attacker. We’re also reaching out to the ISPs to get information and will attempt to build a civil and/or criminal case against the owners.

Sure enough, as some commenters have noted below, it looks like Facebook is now blocking outgoing links to that domain, and some browsers, like IE8, have flagged it as malicious.


from: http://www.techcrunch.com/2009/04/29/phishing-attack-underway-at-facebook-dont-sign-in-to-fbactionnet/

Does Facebook have a virus? I'm receiving messages that weren't sent. I'm sending messages I didn't send. What is fbstarter.com?

New Phishing Attack Spreading On Facebook. This Time From FBstarter (Updated)
by Erick Schonfeld on April 30, 2009

Yesterday a phishing scam spread across Facebook in the form of a message from a friend asking you to click on a link which took you to what appeared to be a Facebook login, but was actually at a different URL, http://fbaction.net. It was quickly blocked. But now there seems to be a new one linking to http://fbstarter.com/. It comes in the form of a message from a friend telling you to “Look at this!” When you click on the link, you are taken to what appears to be a Facebook sign-in page. If you go ahead and sign in, the phishers have access to your account and can then send messages to all of your friends.

I just got one of these messages. It looks like this:

Joshua sent you a message.

Subject: Look at this!

“fbstarter.com”

And fbstarter is hyperlinked.

If you do sign in by mistake, the best thing to do is to change your password as quickly as possible. Make sure you are signed into the real Facebook when you do that, however.

Again, it looks like this phishing attack is very successful. Right now “fbstarter” is the No. 1 hottest term on Google Trends.

I have alerted Facebook to this attack.

Update: Facebook is on the case. They just sent me this update:

We’ve already blocked www.fbstarter.com from being shared on Facebook. You’ve probably seen what this looks like but I’m including a screenshot. Now, we’re deleting that URL from walls and inboxes. We’ve also blocked access to the URL so if someone does find it on Facebook (on their wall, in their inbox, or in an email notification) it won’t send them to the destination. Finally, we’ll automatically reset the password on any account that sent the malicious link. Thus, the data becomes useless to the bad guys very quickly.

In addition, we work with MarkMonitor (they made an announcement today). We send them URLs and they get them added to the browser blacklists and work to get the sites taken down. I’ve included a screenshot of the warning from Firefox that resulted from their work on the phishing attack yesterday (fbaction.net). They got that site taken down, too. Today’s site (fbstarter.com) has been down most of the morning. MarkMonitor and Facebook are watching it closely, though.
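An added example, not code from any of the reposted articles: a defender-side filter for the lure links described in the fbaction.net and fbstarter.com posts above. The fbaction.net lure hid its destination behind Facebook's /l/<token>;<url> redirector, so a check that stops at the first hostname sees only facebook.com; this code unwraps that form, takes the destination's registrable domain and flags it if it is blocklisted or trades on the Facebook name. The blocklist holds the two domains the posts name; the lookalike heuristic, the helper names and the sample messages are my own assumptions.

```python
import re
from urllib.parse import urlsplit

# Domains named in the two TechCrunch posts (April 2009 incidents).
KNOWN_PHISHING_DOMAINS = {"fbaction.net", "fbstarter.com"}

# Hostnames treated as genuinely Facebook's. Assumption for this example;
# a real deployment would load the operator's own allowlist.
LEGITIMATE_DOMAINS = {"facebook.com"}

# Any http(s) URL in free text (stops at whitespace, quotes and angle brackets).
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

# Facebook's "/l/<token>;<destination>" redirector, in the shape quoted in the
# fbaction.net post:  http://www.facebook.com/l/4253f;http://fbaction.net/
REDIRECTOR_RE = re.compile(
    r"^https?://(?:[\w-]+\.)*facebook\.com/l/[^;]*;(?P<dest>.+)$", re.IGNORECASE)


def hostname_of(url: str) -> str:
    """Host part of a URL, lower-cased; urlsplit leaves ';' in the path alone."""
    try:
        return (urlsplit(url).hostname or "").lower()
    except ValueError:
        return ""


def registrable_domain(hostname: str) -> str:
    """Last two DNS labels. Simplification: ignores multi-label public suffixes
    such as co.uk (a real filter would consult the public suffix list)."""
    labels = hostname.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else hostname.lower()


def unwrap_redirector(url: str) -> str:
    """Peel Facebook's /l/<token>;<url> wrapper without any network access.
    Loops (bounded) so a wrapper nested inside a wrapper is also unwrapped."""
    for _ in range(5):
        m = REDIRECTOR_RE.match(url)
        if not m:
            break
        url = m.group("dest")
    return url


def classify_link(url: str) -> tuple:
    """Return (destination_domain, verdict) for one link in a message.
    verdict is 'blocklisted', 'allowed', 'lookalike' or 'unknown'."""
    dest = unwrap_redirector(url)
    domain = registrable_domain(hostname_of(dest))
    if domain in KNOWN_PHISHING_DOMAINS:
        return domain, "blocklisted"
    if domain in LEGITIMATE_DOMAINS:
        return domain, "allowed"
    # Heuristic (my assumption, not from the posts): a domain that trades on the
    # Facebook brand but is not Facebook's own is a lookalike. Both domains the
    # posts name begin with "fb".
    sld = domain.split(".")[0]
    if "facebook" in sld or sld.startswith("fb"):
        return domain, "lookalike"
    return domain, "unknown"


def scan_message(text: str) -> list:
    """[(raw_link, destination_domain, verdict), ...] for every link in a message body."""
    return [(u,) + classify_link(u) for u in URL_RE.findall(text)]


def suspicious_links(text: str) -> list:
    """Only the links a filter should hold or strip: blocklisted or lookalike destinations."""
    return [r for r in scan_message(text) if r[2] in ("blocklisted", "lookalike")]


# Constructed sample messages modelled on the lures quoted in the posts.
SAMPLE_MESSAGES = {
    "fbaction lure": 'YOURFRIEND sent you a message.\nSubject: Hello\n'
                     '"Visit http://www.facebook.com/l/4253f;http://fbaction.net/"',
    "fbstarter lure": "Joshua sent you a message.\nSubject: Look at this!\nhttp://fbstarter.com/",
    "benign": "See http://www.facebook.com/help/ for the security page.",
    # Constructed: a brand lookalike that has no blocklist entry yet.
    "unlisted lookalike": "Check http://www.facebook.com/l/x9;http://fb-login-update.example/",
}

if __name__ == "__main__":
    for name, body in SAMPLE_MESSAGES.items():
        print(name, "->", suspicious_links(body))
```

The unwrap step is what makes the difference: without it the fbaction.net lure classifies as "allowed" because the only hostname a naive check sees is www.facebook.com.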




from:
http://www.techcrunch.com/2009/04/30/new-phishing-attack-spreading-on-facebook-this-time-from-fbstarter/
http://www.mahalo.com/answers/from-twitter/does-facebook-have-a-virus-im-receiving-messages-that-werent-sent-im-sending-messages-i-didnt-send-what-the-heck-is-fbstartercom