Outline Warning message circulating around Facebook claims that there are five new viruses on Facebook that users should watch out for.
Brief Analysis
While the threats described in the warning are (or were) real, they are not viruses and they will not crash or damage your computer. The threats discussed in the warning are all rogue Facebook applications and/or survey scams. The message is quite vague and potentially misleading and its overall worth as a security warning is questionable. Please review the detailed analysis below for a discussion of each threat listed in the message.
Example
FACEBOOK has 5 new viruses:
1. If you get a notice of a photo tag DO NOT OPEN it.
2. If you get a notification that a friend reported you for offensive behaviour DO NOT OPEN IT
3. Get 5000 FBK credits DO NOT OPEN IT.
4. Message from ya mates chat saying click this link DO NOT OPEN IT
5. Crash at Alton Towers DO NOT OPEN IT.
These are bad viruses and will crash your computer. REPOST and WARN OTHERS!!
1. If you get a notice of a photo tag DO NOT OPEN it.
2. If you get a notification that a friend reported you for offensive behaviour DO NOT OPEN IT
3. Get 5000 FBK credits DO NOT OPEN IT.
4. Message from ya mates chat saying click this link DO NOT OPEN IT
5. Crash at Alton Towers DO NOT OPEN IT.
These are bad viruses and will crash your computer. REPOST and WARN OTHERS!!
Detailed Analysis
A message moving rapidly around social network Facebook warns of a new set of "viruses" that are currently threatening Facebook users. The current incarnation of the warning includes a list of five supposed viruses to watch out for. The first version described only three "viruses", but a fourth was later added and now a fifth has made it to the list. More are likely to be added as time goes by. The message warns that the threats described are "bad viruses" that will "crash your computer" and asks users to repost to warn others.
The threats described in the message do currently exist or have existed in the past. However, the message is nevertheless quite vague and potentially misleading. In fact, rather than actually helping Facebook users stay aware of security issues, this message may in fact only cause further confusion.
Firstly, the threats described in the warning are not viruses at all. All of the threats are in fact rogue Facebook applications and/or survey scams designed to trick users into submitting personal information or participating in various bogus online surveys. While making such a distinction about the use of the term "virus" may seem unimportant, the fact is that a computer virus acts in a very different way than the rogue Facebook applications and survey scams discussed here. Calling such scams "viruses" is therefore misleading and inaccurate.
Secondly, there is no credible evidence to support the claim that these rogue applications crash, shut down or damage the user's computer in any way. The people who operate such survey scams want victims to be able to use their computers to fill in their bogus surveys. Crashing or disabling the victim's computer is entirely counter to their goals.
Once installed, these rogue apps typically try to entice users into visiting bogus third party "survey" websites, ostensibly as a means of verifying their account. They will also automatically repost spam messages promoting themselves via Facebook wall posts, photo tag messages or chat. Many such survey pages attempt to tick users into signing up for absurdly expensive SMS "services". In some cases, such survey links may attempt to trick users into downloading spyware or malware via "free" games, toolbars or other applications. Others may share information supplied via surveys or prize applications with spammers. Those responsible for such survey scams will receive a commission whenever a person fills in a survey, an application form, or provides their mobile phone number. This is the motivation driving such scam attempts.
I discuss each of the listed threats in turn below:
1. If you get a notice of a photo tag DO NOT OPEN it:
It is true that there is currently a large number of rogue applications using Facebook's photo tagging function. I discuss one such photo tagging rogue app in more detail here. You should certainly be cautious of links in "tagged in a photo" messages. If such links point to a Facebook application, do not give the application permission to access your account. Any claim that you must install a particular application to view a photo you were tagged in is sure to be bogus.
That said, however, suggesting that you should never open photo tag messages is overkill. Photo tagging is a legitimate and widely used Facebook feature. Many if not most of the photo tag messages that people receive on Facebook are likely to be perfectly legitimate.
2. If you get a notification that a friend reported you for offensive behaviour DO NOT OPEN IT:
This warning was valid but is now outdated. The warning is apparently derived from a genuine security threat that targeted Facebook users in early 2009. At that time, a rogue Facebook application was sending bogus terms of service violation messages to Facebook users. If installed, the application attempted to trick users into submitting personal information. However, I have seen no reports that indicate that this particular rogue application has been reactivated. Even so, such tactics are often reused by criminals and Facebook users should certainly watch out for bogus notification messages.
3. Get 5000 FBK credits DO NOT OPEN IT:
This is yet another survey scam. The link in the messages opens a Facebook event page that supposedly provides instructions for collecting your free credits. As with other incarnations of the scam, you are supposedly required to fill out one or more bogus surveys before getting your credits. You are also required to share the scam link with your friends. Of course, the free credits do not exist. Any claim that you must fill out surveys in order to get free items or services is likely to be a scam.
4. Message from ya mates chat saying click this link DO NOT OPEN IT:
As with photo tagging, scammers have been using chat messages as a way of promoting various rogue applications. Once installed, some such rogue apps can send messages promoting themselves via chat. Again, however, suggesting that users NEVER click any links sent via chat is overkill. Users very often share links via chat and, obviously, not all of these links will lead to rogue applications or scam websites. As with any area of Facebook or the web in general, people should use caution with when they receive links to unknown websites. If a link points to a Facebook application, do not give the application permission to access your account unless you know exactly what the application does.
5. Crash at Alton Towers DO NOT OPEN IT:
This is yet another survey scam rogue application. The scam messages claim that users can see a video of a rollercoaster crash by clicking a link. The link actually leads to a Facebook application. The location where the crash supposedly happened varies considerably. This scam works in a very similar way to the one I describe here. Any claim that you must install a Facebook application to view a video or photographs is likely to be a scam.
source: http://www.hoax-slayer.com/facebook-new-viruses.shtml
0 comments:
Post a Comment