Warning for Business, Corporate and School Computer Networks
Is Facebook safe enough for access by office computers? For many organizations, the answer is no. The bad news about the popular social network grows with each passing week. Facebook has been plagued by the Koobface worm (some call it a virus), which has spread through Facebook to infect (or attempt to infect) work PCs.
Now Facebook faces the scourge of the Dancing Girl. The Dancing Girl exploit arrives as an e-mail appearing to be a typical notification from Facebook, saying someone has left you a Facebook message. The rogue e-mail directs you, the victim, to click to see a video of a sexy dancing girl. If the victim clicks, he is taken to a fake, Facebook lookalike page, which instructs the victim to download a software upgrade so that the video can be viewed. But in truth the software to be downloaded is a group of damaging, malicious programs.
If an employer were to prevent (forbid) access to social network sites, then employees would not be tempted to fall for tricks like this. To say it a different way: failure to prohibit Facebook and Myspace can promote a lax computing environment in the office.
Local chapters of the Better Business Bureau (such as the Hawaii chapter and the Chicago & Northern Illinois chapter) have issued warnings about the transmission of malware and the propagation of other threats through social networks, especially Facebook. Among other scams, bogus posts to a victim’s “wall” can link to dangerous external web pages, which might try to install malicious software through the victim’s web browser.
The Maryland General Assembly blocked its network users from access to social networks, especially Facebook.
Update: Recent research compares the success rates for propagation of malware via e-mail and via social networks. Hackers are ten times more successful on social network sites.
–Ben Wright
At the SANS Institute, Mr. Wright teaches IT administrators how to stay out of jail.

March 15, 2009 at 2:54 pm
[...] Facebook’s Calacade of Risk [...]
April 1, 2009 at 3:33 pm
[...] computers with viruses (or they are subjecting their computers to attempted infections). Facebook and MySpace are known as breeding grounds for Koobface (technically classified as a “worm”). [...]
May 12, 2009 at 3:22 pm
Rogue. Rogue. Rogue.
Not ‘rouge’. As an IT guy, you will NEVER use the word ‘rouge’. Remove it from your spellcheck dictionary. Thank you.
[Sorry, I've just seen "rouge" one too many times in an otherwise professional-seeming security article]
May 12, 2009 at 8:01 pm
Thank you, Buck. –Ben
August 17, 2009 at 11:34 pm
This is a little off topic, but related to the thread. A few years ago, I signed up at MySpace as I thought it would be fun to communicate with people having similar interests. While I did get to do a little communicating, I was amazed how many scams were going on.
One that sticks in my mind in particular is a message I got featuring a young girl lying at the beach in a bikini. The message waxed on about how she was being continually beaten by her boyfriend, and if I would send her $5,000 USD, she would come over to my home and marry me.
I suspect that somehow someone got access to a database of MySpace users, or alternatively spidered the site, and wrote a program to mass disseminate this post to millions of MySpace users.
After getting numerous similar offers, I terminated my account. The number of scam messages I was getting was far in excess of the number of legitimate ones.