WASHINGTON (AP) — For computer users, a few mouse clicks could mean the difference between staying online and losing Internet connections this summer.
Unknown to most of them, their problem began when international hackers ran an online advertising scam to take control of infected computers around the world. In a highly unusual response, the FBI set up a safety net months ago using government computers to prevent Internet disruptions for those infected users. But that system is to be shut down.
The FBI is encouraging users to visit a website run by its security partner, http://www.dcwg.org , that will inform them whether they’re infected and explain how to fix the problem. After July 9, infected users won’t be able to connect to the Internet.
Most victims don’t even know their computers have been infected, although the malicious software probably has slowed their web surfing and disabled their antivirus software, making their machines more vulnerable to other problems.
Last November, the FBI and other authorities were preparing to take down a hacker ring that had been running an Internet ad scam on a massive network of infected computers.MORE
Facebook has just announced its video chat service, though it’s officially named Video Calling. Presumably that gives it a bit more cachet than a mere “chat” service.
It’s powered by Skype, which is probably an excellent thing. You have probably already decided whether you trust Skype and its technology, so you’re not sailing entirely into the unknown on that score.
And Skype is now owned by Microsoft, a company you’ve probably also already decided whether you trust or not. (If you are reading this on a Windows computer, an accurate first approximation is that you do.)
Microsoft, despite being the archetype of closed-source software vendors, has consistently improved its attitude to security over the past 20 years, when it first wandered into the security field with a badge-engineered version of Central Point Anti-Virus.
Microsoft owns Skype. Skype and Facebook have joined forces.
Microsoft is much bigger – and used to being much bigger – than Facebook. Microsoft has many more developers than Facebook. Many more of those many more developers are involved with security. And Microsoft is not as much fun as Facebook. Fun is good, but like many things, too much fun often gets in the way of security.
Perhaps, then, Facebook + Microsoft-by-way-of-Skype will cause some of Redmond’s recognition of the long-term value of security to rub off on the social networking giant.
In the meantime, don’t let your guard down just because you’re video calling directly from Facebook, where you’re used to having fun. In particular, review who your friends are.
And watch out for calls from hijacked accounts, or from borderline “friends”, just as you ought to do via any other messaging service, including email.
Scammers must be licking their lips at a low-cost way of getting literally in your face. Old scams have a way of seeming new and unexpected when they migrate to a new medium.
In particular, watch out for Stranded in [Foreign Location] scams. Voices can be hard to recognise reliably on poor-quality links, and video may be unrecognisable. You probably know the deal: a friend contacts you from an overseas trip. They’ve lost everything – credit cards, passport, cash, hotel key! They need $1000 wired via cash transfer as soon as possible so they can afford to get to their feet. Help!
Check via an alternative channel if your friend really is in trouble. Give them a phone call. Ask a mutual friend. Is the friend-in-trouble even in [Foreign Location]?
And watch out for Fake Support Call scams. Again, you can imagine the story. The caller is “from Facebook,” or “with Skype”. They’re calling from the hacked account of a friend – unusual, of course, but this is an emergency! – to advise all the friends of that friend that they, too, may be compromised.
Could you quickly check for an error in the Event Viewer? Oh, no! Not the dreaded “Service Failed To Start” error! What good fortune! The caller just happens to be able to help you. Just $300 and the trouble will go away. (That bit is true. $300 and they’ll stop haranguing you. For the time being.)
Hang up. You didn’t ask for help, so even if you think you need help now, consult a real-world friend you know and trust. Ask them to guide you.There’s no reason why you can’t have loads of fun with this new Facebook + Microsoft-by-way-of-Skype venture. Just don’t let the novelty of it lead you astray.
This entry was posted in Social Networking Sites and tagged " or "with Skype". They're calling from the hacked account of a friend - unusual, And watch out for Fake Support Call scams. Again, but this is an emergency! - to advise all the friends of that friend that they, chat, Facebook, Facebook video chat - what could possibly go wrong?, fake support call, may be compromised., Microsoft, of course, Scam, scareware, skype, stranded abroad, too, Video, you can imagine the story. The caller is "from Facebook.
The latest survey scam to spread successfully on Facebook is clearly targeting people who have so much blood flowing to their loins that the supply to their brains has been cut off.
It seems when faced with the prospect of seeing a video of a woman having an “amazing orgasm”, common sense goes out of the window for some people and they click the link without thinking of the possible consequences.
Here is the message that is spreading between Facebook users (I’ve pixelated out parts of the image so as not to offend anyone):
And here's an alternative version:
The links point to pages on Blogspot, where you will then be redirected to a webpage which presents you with what appears to be a sexy YouTube video of what is claimed to be an "Overly Dramatic Orgasm".
The only thing is that they want you to click a couple of times (sharing and liking the video to your Facebook friends) before they'll let you watch. Curiously, the messages are in Finnish ("Jaa" is Finnish for "Share"). Could the scammer who set up this particular attack be Finnish?
You probably won't be surprised to hear that the purpose of the whole scam is to earn money - through tricking users into taking online surveys. And through your clicking on the links, you have helped promote the survey (via the sexy video lure) to your online friends.
My feeling is that the last thing you're probably in the mood to do, if you want to watch a sexy video, is fill out an online survey. But that's precisely the kind of social engineering lure that appears to work on so many occasions.
Don't think with your trousers, show some common sense. I wish when you logged into Facebook it said, alongside asking for your email address and password, "Have you had a cold shower in the last 20 minutes?"
Maybe then folks would show a little more common sense when they see one of these sexy messages appear on their newsfeed.
What are you doing if you're clicking on this kind of thing from your work computer anyway? Content like that which these links promise is definitely NSFW (not safe for work).
If you use Facebook and want to get an early warning about the latest attacks, you should join the Sophos Facebook page where we have a thriving community of over 90,000 people.