Shark Bait

Knowledge Centers

Operating Systems

Networking & Internet

Mobile & Wireless

Security

Storage

Business Intelligence

Servers & Data Center

Computerworld Reports

Industry

See your link here

Douglas Schweitzer

The Security Sector

Two-faced Facebook friends

6 comments

TAGS:Facebook, phishing, threat
IT TOPICS:Security

It didn't come as much of a surprise months ago when Symantec Corp. revealed that they'd found that social networking sites were the primary targets of phishing web sites. A couple of days ago the Websense Security Labs ThreatSeeker Network issued an alert that warned of a new spam campaign that targets Facebook users. Bogus but official looking emails are sent to users notifiying them that another Facebook user has added them as a friend.

Unsuspecting recipients may have their curiosity piqued (right there alarm bells should start sounding), leading them to double-click on the zip attachment to see a photo. This is a classic social engineering tactic; it preys upon a combination of the victim's curiosity, vanity and trust.

According to the Websense alert, a login page to Facebook is included in the body of the email and surprisingly, that was legitimate - a user entering their email address and password would end up at the real Facebook site. Having that part of the email be real makes the entire email seem inocuous - but beware.

Email this

Digg this

What People Are Saying

Add new comment

you can't prevent people from harming themselves

Submitted by Anonymous on September 24, 2008 - 8:43 A.M.

I am so glad that I never got into Facebook, Myspace, or a million other social web sites. I have better things to do with my time, and thus I avoid having to worry about crap like this.

Reply | Report this comment

reply 2 anonymous

Submitted by MR B.MUSED on October 2, 2008 - 10:33 A.M.

so you've better things to do with your time like post comments on how you're smug because you don't use social web sites?????

Reply | Report this comment

I wholeheartedly agree. I

Submitted by Anonymous on September 24, 2008 - 11:34 A.M.

I wholeheartedly agree. I have several friends on various social networking sites that want me to join, and add them as friends. I am a computer professional, but I have never (and probably never will) join these internet websites. As I am on the computer all day at work, the last thing I want to do when I get home is get back on the computer.

Reply | Report this comment

i see where your comming

Submitted by Anonymous on March 4, 2009 - 11:44 A.M.

i see where your comming from, but social websites are an extremely good way to keep in contact with your current friends and ofter let you reunite with old friends. I have both myspace and facebook, and i check both almost everyday.

Reply | Report this comment

reply 2 anonymous

Submitted by MR B.MUSED on October 2, 2008 - 10:42 A.M.

I suggest you lighten up a little.It is a sign of the times & there is a lot worse these people
could be doing.Also most people use a computer at work these days & they also sit on a chair.
When you come home from work do you stand up all evening?????....lol.

Reply | Report this comment

Hi. Everything is sort of

Submitted by Michael on September 29, 2008 - 3:16 P.M.

Hi.

Everything is sort of operational on my end though I keep getting these problems with my Computer where I keep having to ring up BT everytime a prob accures with it that I can't do my self.

The officer at the end requires to remote access and it seems to get sorted still it happens after. Am not very good at it my self not without some professional from the other end.

I'm no Computer expert though am getting better at getting round sorting certain problems through the icons on my Desk Top.

That mission I find hard to do I bet even James Bond couldn't complete all the tasks not without some help from BT or Computer Vender.

Am a Believer in UFOs Aliens Area 51 MI6 and wonder what it's like to have life amongst them and that power.

I'm down to earth friendly and open minded and I get on with anyone.

Contact me at anytime here.

Reply | Report this comment

Now here’s an ant farm

Gone phishing or phishing going?

But it was about sending passwords, right?

Social Networking and cyber attacks - is this our future?

LIVE Nov 10, 2009 12:00 PM ET

Architecting Business Intelligence Applications for Change: The Open Solution

LIVE Nov 12, 2009 02:00 PM ET

The State of PCI DSS Compliance at Organizations Today
Download this resource today!

Managing Secure File Transfer to Save Time, Money and IT Resources
Learn how companies are using innovative technology to overcome these challenges and improve user productivity by offloading e-mail attachments and replacing FTP with...

Can Heuristic Technology Help Your Company Fight Viruses?
What is Heuristic Technology and how can it help safeguard your business against viruses? Learn more.

Security Convergence Equals Network Security Cost Savings
Listen to IBM Internet Security Systems' take on network security convergence.

Why Email Must Operate 24/7 and How to Make This Happen
Learn how to avoid an email outage by implementing a hosted email continuity solution.

Lower the Cost and Complexity of a Mobile Workforce through Automation
Download This Resource Now!

All White Papers | All Webcasts