Tag: spam messages

Malaysia Airlines air disaster–another event bringing out the online scams

Article

Fake Malaysia Airlines links spread malware | CNET News

My Comments

Every time there is a major event that affects many people or brings out mass intrigue, a computer-security situation climbs on to that event’s tail.

What happens is that Websites with a questionable motive pop up like nobody’s business and links to these sites appear in spam emails or on the Social Web. The “link-bait” text draws people to these sites, which are laden with malware or set up to harvest Web-surfers’ personal or financial information for questionable purposes. The Malaysia Airlines air disaster drew out its own link-bait in the form of fake news links that purport to lead to video footage of the plane being discovered or survivors being found.

A proper practice is to keep the software on personal and other computer equipment “lock-step” with the latest software updates and patches and simply to “think before you click”. This is more so with anything that appears “too good to be true” or “out of the norm” for that situation.

Facebook users also have to be careful about the “fake events” which are being used as a spam-distribution vector. Here, as I previously covered, this causes notifications to appear in the user’s Facebook Notifications list, with their computer or mobile device popping up messages and sounding an audible alert for these notifications if a Facebook client is running. As well, if a user accepts these events, information about the event appears on their Timeline.

Computer security is about trusting your instincts

Article

Festive season security myth: "If there are no links in an email, it can’t be a phish." | NakedSecurity Blog

My Comments

I have seen this happen. Part of educating people about computer security is teaching them to think before they click. Here, it is about being careful about responding to emails and Websites of doubtful provenance so you don’t become a victim of a scam or find your computer full of malware.

For example, phishing scams initially used links in the email as a hook to get people to “verify” their accounts or take similar action. But they are now using “loaded” attachments, with the copy of the email not having any links or HTML, to avoid being rejected by security tools that are part of email clients or the populace not taking the bait due to public education about phishing scams. The hook in these situations is the attachment, which is crafted to take advantage of weaknesses in the software or carries links to Web resources as mentioned below.

PDF files represent their own dangers because they can either be crafted maliciously or contain links to Web resources. This is compounded by the problem that not all PDF reader software handles Web links in a manner similar to a Web browser. For example, a lot of these programs don’t show the URL when you hover over or dwell on the link before you click.

I would personally like to see PDF and similar document viewers support the ability to link with “website-reputation” engines like what Symantec and other security-software vendors offer and show graphics that indicate if a link you are hovering on is safe or not. Similarly, search engines, website reputation agents, security scanners and similar tools could also examine PDF files for abnormal construction and questionable links.
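The kind of check a mail-scanning tool could run for the case described above, an email with no links in its body whose PDF attachment carries them, is sketched here as an added example (not code from the original post or any vendor). The sample message, the `short.example` host and the function names are constructed for illustration, and the scan assumes the PDF's link objects are stored uncompressed.

```python
import re
from email.message import EmailMessage
from urllib.parse import urlsplit

URL_RE = re.compile(r"https?://[^\s\"'<>)]+", re.I)
# /URI (target) entries of PDF link actions. Assumption: the objects are stored
# uncompressed; links inside compressed object streams need a real PDF parser.
PDF_URI_RE = re.compile(rb"/URI\s*\(((?:\\.|[^\\)])*)\)")

def body_links(msg):
    """URLs visible in the text/plain and text/html body parts."""
    found = []
    for part in msg.walk():
        if part.get_content_maintype() == "text" and not part.is_attachment():
            found += URL_RE.findall(part.get_content())
    return found

def pdf_links(data):
    """Link targets declared in a PDF's /URI actions, with escapes undone."""
    return [re.sub(rb"\\(.)", rb"\1", raw).decode("latin-1")
            for raw in PDF_URI_RE.findall(data)]

def triage(msg):
    """Report links the reader cannot see in the body but the PDF carries."""
    attached = {}
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        if data.startswith(b"%PDF-"):
            attached[part.get_filename()] = pdf_links(data)
    in_body = body_links(msg)
    hosts = sorted({urlsplit(u).hostname or "" for urls in attached.values() for u in urls})
    return {"body_links": in_body, "attachment_links": attached, "hosts": hosts,
            "linkless_body_with_pdf_links": not in_body and bool(hosts)}

def build_sample():
    """Constructed message: plain body without links plus a minimal PDF-like attachment."""
    pdf = (b"%PDF-1.4\n1 0 obj\n<< /Type /Annot /Subtype /Link "
           b"/A << /S /URI /URI (http://short.example/abc123) >> >>\nendobj\n%%EOF\n")
    msg = EmailMessage()
    msg["Subject"] = "Your statement"
    msg.set_content("Please find your statement attached.\nRegards, Accounts")
    msg.add_attachment(pdf, maintype="application", subtype="pdf", filename="invoice.pdf")
    return msg

if __name__ == "__main__":
    print(triage(build_sample()))
```

The `hosts` list is what would be handed to a website-reputation lookup; the flag only says that the body looked clean while the attachment did not.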

Instead, we have to do a “reality check” regarding these emails. For example, are the emails from a company whom you have had business with or part of ongoing business with that company? Are you expecting an email to come through with attachments? Do they contain a lot of poor spelling or grammar or aren’t commensurate to the language they are meant to be written in? Do they reflect the tone of what the business and its industry is about? Simply, does the context sound too “out of this world” to be real?

This also applies to any offers provided through instant-messaging or social-network channels including the Facebook “fake-event” scams that are popping up as I have mentioned before.

But for the moment, are you sure that the link or attachment you are to click on is kosher before you click on it?

Facebook Events–a new vector for distributing spam

Facebook event spam notification in Notifications list - comes from a Friend


Article

Spammers Using Facebook Events to Trick Users | ReadWrite

My Comments

Ever since its early days, scammers have used Facebook as a place to spam users with their shady schemes. Previously this was through running a message with a tantalising link surrounded by tantalising text on users’ Walls and this link would pass through to some unscrupulous site.

This has failed to work now that Facebook has achieved critical mass with users subscribing to different Groups, Pages and Personal Profiles including those that represent their interests. This situation leads to the News Feed, the user’s default view in Facebook, being full of various pieces of information from different sources.

But, over the years, Facebook introduced a notifications mechanism for events beyond potential Friend requests or comments left on a Status Update and users are more likely to check on what has been added to the Notifications list. Here, it also introduced the Event which a Facebook user can invite their Friends or Followers to depending on its settings and this allows the user to register whether they are attending or not.

Event page for spammy Facebook event


This has become a new path for distributing link-bait spam because these Events don’t come often in a user’s interaction with Facebook. Similarly, the default setup has it that Facebook treats the Events as something to generate a Notification about and it effectively shows up the red “Notifications” flag in the Web view while causing native clients to show a distinct alert message and audio prompt when these come in. For example, the mobile clients for iOS and Android would list the event in the mobile operating system’s Notifications tray while causing the phone to sound a distinct ringtone, or the Facebook Windows clients will “pop up” a message on the Desktop with your computer sounding an audible chime.

As well, if you “accept” these Events, they will appear as a Status Update on your Wall (Timeline). Of course, it will require the user to click through to the Event page and this will show a URL for you to click through to for more details, most likely along with some tantalising pictures. These URLs are where the trouble occurs because they could lead to installation of malware on your computer or other questionable practices taking place, and some of these URLs are in fact obfuscated using URL-shortening services like bit.ly.

If these “event spam” notifications come from one of your Facebook Friends, don’t click on anything to do with the Event page. Rather, let your friend know that they are the victim of a spammer and suggest they change the password on their Facebook account and run a malware scan on their computer.