Facebook In-security

Warning for Business, Corporate and School Computer Networks

Is Facebook safe enough for access by office computers?  For many organizations, the answer is no.  The bad news about the popular social network grows with each passing week.  Facebook has been plagued with the Koobface worm (some call it a virus), which has through Facebook infected (or attempted to infect) work PCs.

Now Facebook faces the scrooge of the Dancing Girl.  The Dancing Girl exploit arrives as an e-mail appearing to be a typical notification from Facebook, saying someone has left you a Facebook message.  The rogue e-mail directs you, the victim, to click to see a video of a sexy dancing girl.  If the victim clicks, he is taken to a fake, Facebook lookalike page, which instructs the victim to download a software upgrade so that the video can be viewed.  But in truth the software to be downloaded is a group of damaging, malicious programs.

If an employer were to prevent (forbid) access to social network sites, then employees would not be tempted to fall for tricks like this.  To say it a different way:  failure to prohibit Facebook and Myspace can promote a lax computing environment in the office.

Local chapters of the Better Business Bureau (such as the Hawaii chapter and the Chicago & Northern Illinois chapter) have issued warnings about the transmission of malware and the propagation of other threats through social networks, especially Facebook.  Among other scams, bogus posts to a victim’s “wall” can link to dangerous external web pages, which might try to install malicious software through the victim’s web browser.

The Maryland General Assembly blocked its network users from access to social networks, especially Facebook.

Update:  Recent research compares the success rates for propagation of malware via e-mail and via social networks.  Hacker are ten times more successful on social networks sites.

–Ben Wright

At the SANS Institute, Mr. Wright teaches IT administrators how to stay out of jail.


5 Responses to “Facebook In-security”

  1. Security Threat: Facebook and MySpace at Work « Internet Safety | How to Filter, Block, Monitor the World Wide Web Says:

    […] computers with viruses (or they are subjecting their computers to attempted infections).  Facebook and MySpace are known as breeding grounds for Koobface (technically classified as a “worm”). […]

  2. Buck Turgidson Says:

    Rogue. Rogue. Rogue.

    Not ‘rouge’. As an IT guy, you will NEVER use the word ‘rouge’. Remove it from your spellcheck dictionary. Thank you.

    [Sorry, I’ve just seen “rouge” one too many times in an otherwise professional-seeming security article]

  3. benjaminwright Says:

    Thank you, Buck. –Ben

  4. Stewart Engelman DNI Services Says:

    This is a little off topic, but related to the thread. A few years ago, I signed up at MySpace as I thought it would be fun to communicate with people having similar interests. While I did get to do a little communicating, I was amazed how many scams were going on.

    One that sticks in my mind in particular is a message a got featuring a young girl lying at the beach in bikini. The message waxed on about how she was being continually beaten by her boyfriend, and if I would send her $5,000 USD, she would come over to my home and marry me.

    I suspect that somehow someone got access to a database of MySpace users, or alternatively spidered the site, and write a program to mass disseminate this post to millions of MySpace users.

    After getting numerous similar offers, I terminated my account. The number of scam messages I was getting were far in excess of the number of legitimate ones.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: