Tuesday, January 19, 2010

Top-Five Facebook Scams

You Should Protect Yourself From hackers and spammers

As Facebook has grown in popularity, it has also become a primary target for hackers and spammers. An increasing number of Facebook users are having their accounts compromised. Each newly compromised account is then used by the hackers and scammers to propagate their scam further. You don’t need to be an idiot to have your account compromised. If you are caught off guard for a second, you may accidentally fall for one of these scams.
  1. IQ Quiz Adds

    While Facebook has spent the past year trying to cut down on the number of misleading advertisements on the site, the fact remains that a small percentage of users still get duped into purchasing services they don’t really want. The IQ Quiz Scam has become ubiquitous on the Facebook Platform, and those users who install applications can expect to see an advertisement for an IQ Quiz Scam at some point. In December one application was discovered in which developer was using spammy techniques to get new users to install their application and ultimately click on the IQ Quiz advertisements.

    As soon as you click on one of the ads, you’ll be brought to a site where you’re asked up to 10 questions which are relatively easy to answer. You will then be prompted to enter your phone number to view the results. Don’t enter your phone number! If you do, you will be charged upwards of $10 a week directly to your phone bill. While most phone companies are willing to refund you for your first purchase, they won’t do it after the first occurrence. That’s because the phone companies generate billions of dollars each year off of these types of transactions.

    If you want to protect yourself from IQ quiz scams, do not enter your phone number into any sites outside of Facebook.

  2. I’ve Been Robbed! Western Union Me Money!

    You’re browsing around Facebook and suddenly one of your friends IMs you to tell you that they’re stuck in another country; they’ve been robbed, don’t have a wallet, and need money to get out of the country. It’s a horrible situation but what are the odds that they found a computer to log on to in order to instant message you? Even worse, what are the odds that one of your friends who was travelling abroad got robbed and wasn’t able to find anybody to help them out?

    I’ve been with people who’ve lost their wallet abroad and needed to get money sent via Western Union, however if the person can get access to Facebook, they probably can access a phone. While you should always help out your friends, you can avoid being duped by international fraudsters by asking your friend to call you in order to wire the money. Unless your friend is in the middle of a jungle in the Congo, they should be able to call you.

    Most of the times in such incidents, it is a scammer who has stolen your friend’s account and is systematically going through and IMing each of their friends to try and get money wired to them. Don’t fall for it, try to talk to them on the phone before offering any help.

  3. Facebook Phishing Landing Pages

    One of the most common ways Facebook accounts get compromised is through simple phishing scams. The way it works is that a user’s account is compromised by a hacker and the hacker then uses that account to automatically post links on each of that user’s friends’ walls. Sometimes the system will send messages to the friends such as “Check out this funny video of you!” with a link that redirects to a page with a fake Facebook login page.

    It’s pretty straight forward, and it’s easy to avoid, however countless people have fallen for this scam. The easiest way to tell if it’s a scam is by looking at the URL of the page you land on. The best way to protect yourself is, anytime you see a Facebook login page, leave it and go to http://www.facebook.com in your browser. This way you can ensure you are logging in to the correct site.

  4. Koobface Worm That Automatically Hijacks Your Account

    Facebook has worked aggressively to prevent this worm, it still continues to spread rapidly. The scam is pretty straight forward. In this attack, a user will receive a message from what appears to be one of their friends. The message will say things like “Paris Hilton Tosses Dwarf On The Street; Examiners Caught Downloading Grades From The Internet; Hello; You must see it!!! LOL. My friend catched you on hidden cam; Is it really celebrity? Funny Moments” and many others.

    Included in the message will be a link to a page which appears to be a YouTube video. If you click on the video, you will be prompted to “upgrade your Flash player now” and will ask to download a file which contains the Koobface worm. If you download and install the file, your computer will automatically log in to Facebook and send similar messages to your friends.

    The best way to avoid this scam is to avoid all links that are posted on your wall or in your inbox that are out of the ordinary. Also, never download a file / codecs after clicking on a link.

    To learn more about the Koobface worm, check out the information at the
    Kapersky Lab.

  5. Other Malware Applications And Links

    While we’ve attempted to highlight the primary scams, hackers and scammers are constantly evolving their strategies to steal passwords, and take over computers. The best thing to do is always be careful of strange links posted to your profile or messages sent to your inbox. While many of the scams on Facebook are harmless to your computer, it's still important to protect yourself against any viruses and worms.

    Some Facebook applications have used toolbars among other things to make money from their application. Some of these toolbars will significantly damage your computer.

The bottom line is: be on guard any time you see anything suspicious. If you do notice anything suspecious or happen to fall for a scam, make sure to immediately change your password. If you aren’t able to access your account because you were phished and your password was changed, fill out this form, which might help you get your account back.

No comments: