As cyber criminals are increasingly targeting Facebook, security issue has became the number one concern on Facebook, and the users or firms that used Facebook for social networking.

As seen in several reports published on the Web recently, the types and severity of the Facebook attacks are expected to be risen in this year 2010.

Here are few reports for your perusal from everything security threats that can open your eyes to a different aspect of the Facebook security issues.

1) Sophos Security Threats Report: 2010 [PDF]

Some excerpts:

According to a Sophos survey conducted in December 2009, 60% of respondents believe that Facebook presents the biggest security risk of the social networking sites, significantly ahead of MySpace, Twitter and LinkedIn.

Source: available at http://www.sophos.com/sophos/docs/eng/papers/sophos-security-threat-report-jan-2010-wpna.pdf, accessed 11 February 2010

Meanwhile, Sophos also said that reports by companies of spam and malware derived from social networks such as Facebook, MySpace and Twitter were up 70 percent from a year earlier.

2) McAfee 2010 Threat Predictions [PDF]

Some excerpts:

With Facebook reaching more than 350 million users, we expect that 2010 will take these trends to new heights.

The explosion of applications on Facebook and other services will be an ideal vector for cybercriminals, who will take advantage of friends trusting friends to click links they might otherwise treat cautiously.

3) Cisco 2009 Annual Security Report [PDF]

Some excerpts:

Social networking site Facebook reports that from August 2008 to December 2009, its active user base more than tripled, from 100 million to 350 million. As Cisco has continued to report, criminals migrate attacks to where their victims are. They have wasted no time targeting this huge audience, and they are creating more sophisticated ways to take advantage of the trust users place in social media. The Koobface worm, first detected on social networking websites such as Facebook in 2008, appeared again in 2009, when yet more variants of the malicious software popped up on Twitter, the microblogging service. Estimates indicate that almost 3 million computers have been infected with Koobface.

There will be more attacks on Facebook especially now it has reached 350 million accounts and its growth doesn’t show any sign of slowing. Although it is true that many of us prefer to use Facebook instead of other social networks due to its popularity, but a site called Seppukoo is offering Facebook users a way out of it.

Seppukoo, the site named after Seppuku, i.e. 切腹, stomach-cutting, the suicide with honor of ancient Japanese samurai. And predictably, the founding of Seppukoo is also about suicide, but to assist the Facebook users in committing virtual identity suicide through accounts deactivation. As the Seppuku restores samurai’s honor as a warrior, Seppukoo deals with the liberation of the digital body, the site says.

Aha. This seems like a bad idea. Remember my post on the “Practise Suicide Groups” and how I urge Facebook to ban the word “suicide 自殺” when someone creating a Facebook group.

In particular, Seppukoo offers Facebook users to pass away and leave their Facebook IDs behind and join the worldwide suicidal network, as the site says. Additionally, Seppukoo will also feature a RIP memorial page and send the page to all their friends that left behind on Facebook.

To go Seppukoo, you must enter your Facebook credentials, and choose the memorial page template, compose the “last words” before your Facebook account is deactivated. Meanwhile, you earn point when you influence your Facebook friends go Seppukoo; with Seppukoo it’s not important how many friends you have, but how much you may influence them, the site says.

For Facebook, this is an attack attempting to direct the curious of virtual suicide towards the end of social networking activities. However, the latest update is that Facebook has blocked Seppukoo. Once the users enter their Facebook credentials, they will receive a pop-up message as below.

Picture 1:

Picture 2:

If you’re using Windows, you probably have heard of Malicious Software Removal Tool (MSRT). It is a quality antivirus solution to be delivered to the Windows PCs as part of the Automatic Updates package each month.

A good news is that now it’s more safer to use Windows-based PCs to access Facebook as Koobface, a
particularly nasty virus have been included as one of the major virus and worm families being added to the MSRT.

“In working with Facebook, we were able to add detection of Koobface to our Malicious Software Removal Tool (MSRT), which checks computers running Windows software to detect and remove viruses.” Jeff Williams, a Principal Group Program Manager for the Microsoft Malware Protection Center, wrote in a guest post on the Facebook blog.

Meanwhile, the MSRT has also removed Koobface nearly 200,000 times from over 133,677 computers in more than 140 different locales around the world in just two weeks, he wrote.

I wished I do not need to post on this blog in this month. Naturally, if I read any threat in the Facebook community, you’ll read my post. The most recent threat is that it is not only appeared in Facebook, but also found on some other social networking sites such as Friendster, MySpace, etc.

These fake home pages, which propagated through the malicious comments sent from the compromised accounts of friends in the Friendster network, asking the Friendster users to log onto a fake Friendster home page. And the ugly part is that this fake Friendster home page, the domain http://friend[...]ter.com also pointed to a fake Facebook page as its main page, as reported by F-Secure.

Same old trick, remember my another post entitled Two New Facebook Forge Sites, as I have posted in October this year. Perhaps same old advice, always type the Facebook URL to your browser’s address bar when entering your Facebook account.

I’ve read an article that talked about Facebook is about to have a big spam problem, and “it’s not surprising.” Of course, everyone love Facebook now, and no one should expect spam will not happened in the Facebook environment.

A common Web strategy I heard nowadays is: If you build it, they will come. “They” means not only the audience, it also means the spammers too. So, if you want your profile, or even the group (you are the Administrator) to be spam-free, be prepared to spend time in deleting spam posts, spam wall posts, and report users that spam you to Facebook when necessary.

This is a latest attempt of the attack on Facebook user; this time is not spam, but the notorious Nigerian 419 scammer on Facebook.

According to The Sydney Morning Herald, a Facebook user, also worked at Google Australia Karina Wells has received a Facebook message from her friend Adrian that seeking help from Lagos, Nigeria. She has been told by the message that Adrian now is being stranded there in Nigeria and looking for a help and needed her to lend him $500 for a ticket home. However, Karina Wells is a smart lady, spotted that the message from the other party, was a scammer while chatting by using the word such as “cell phone” instead of “mobile phone.” Mind you, all the people from the Commonwealth countries speak and favor the British English as opposed to American English. She then gathered all the details of where the scammer was and forwarded them to both Facebook and the relevant authorities.

Now let’s go ahead and ask ourselves: How many “friends” do you have on Facebook? Enough is enough. And do you know where are they actually right now?

Facebook spam is definitely on the rise, but the good side is that the official security page of Facebook, i.e. Facebook Security has provided the typical screenshots of the spam posts and messages for the users to be fully aware of.

Please pay careful attention to these pictures enclosed as below, so when you come across the similar message, don’t hesitate to delete it straight away from your message inbox. And also, notice that each of these messages, the content are weird, with bad grammar as well, all under the guise of amicable types of messages with an aim to entice users to click on the external URL links.

Spam Message Example 1:

*Spam message for a free Macy’s gift card

Spam Message Example 2:

*Spam message about a new video the sender has found

Spam Message Example 3:

Spam Message Example 4:

Source: available at http://www.facebook.com/album.php?aid=58084&id=31987371885, accessed 31 October 2008

New Facebook attack are once again in the news, this time was discovered by Unified Threat Management vendor Fortinet. In particular, this security warning came from Fortinet, in a FortiGuard Advisory (FGA-2008-26), said that Facebook users who click on the URL links found in their message inbox in order to watch video, and the URL links which point to a Google Reader shared items site or Google Picasa site, may be at big risk for an attack.

This is mainly because for the Facebook users to view video on this Google Reader or Picasa site, they are prompted to install a special codec which contains Trojan. The codec itself is nothing but a Trojan, will load various malware pieces, as well as a copy of worm.

Although it’s not clear what impact this Trojan has on your system at this point, whether the anti-virus program installed is capable in protecting your system. However, Facebook users are advised not to download any codec when they’re social networking in Facebook.

[via PC World]

I just came across an article that entitled, “Pizza Hut To Spam Facebook Users.” To me, this article is quite interesting, especially it talked about when a user installs the Pizza Hut Facebook application called Pizza Hut Interface, whenever she ordered a pizza from Pizza Hut through this application in Facebook, her friends would get to know which pizza she ordered through a tiny notification appeared on their Facebook profiles.

Is this an act of Facebook application spam? How about the notification itself offers nothing about your own interest, for example, XXX accepted your friend request, or XXX wrote on your Wall, but something that do with Pizza Hut products, a food that it might not suit your taste in the first place.

At the time of my writing, there are over 600 monthly active users for this application. If you do not want your Facebook friends to know which type of pizza you’ve ordered, you simply can order it over the phone, don’t install this application.

Most recently, there are two (2) Facebook forge sites, with the URL FaceUbook.com and Faceiibook.com appeared on the Web. The domain URL’s landing page design is the same as Facebook new design, respectively, which made some users mistakenly typed in their IDs and passwords onto these two forge sites.

The URL links of these two forge sites are mostly came from emails into some Facebook users’ Inbox in the format as follows:

Hey! you have a Crush waiting for you on your Facebook!! See here!

hey! somebody wrote something about you in their blog here members.aol.com/hottyblogy54354

While I clicked on the above AOL blog page, it seems AOL is aware of this spam message and deleted this hottyblogy54354 page. The URL links of the messages aforesaid are touting people to sign-in their Facebook accounts, so that their personal information will be leaked to the forger, whom believed is from China with the following email, i.e. lizhilin_lizhilin1@126.com, according to the whois record of faceiibook.com and faceubook.com.