The bad guys are at it again on Facebook. I have made a video demonstrating the latest attack, and how to clean up your Facebook account:
(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)
So, what’s the background to the story? Well, in May of this year amateur video footage of an American teacher allegedly attacking a 13-year-old pupil in front of fellow students made headlines after being posted on YouTube.
Officials at Jamie’s House Charter School in Houston, Texas, sacked 40-year-old Sheri Davis as the world looked on horrified at her rather unusual approach to disclipline in the classroom.
It was perhaps not surprising that cybercriminals took advantage of the furore – the following month I reported how a rogue Facebook application was posting spam from users’ accounts saying “Teacher nearly killed this boy” and encouraging users to fill in surveys in order to view the controversial footage.
You would have hoped that that would have been the last of it. However, new versions of the app (using a variety of names and URL-shortening services) have continued to plague Facebook users, spamming from their accounts and worming their unwanted links across the social network.
I am shocked!!! The teacher nearly killed this boy. Video here: hxxp://tiny.cc/horrifying - Worldwide scandal!
Clearly it’s appalling that these links are still spreading virally at such speed across Facebook, duping users. It seems to me that Facebook is virtually impotent to do anything about them – whenever they close down one rogue application the bad guys just create another.
Facebook can’t seem to stop them, despite the attacks looking almost identical. Maybe it’s time for Facebook to put more restrictions over who is allowed to create applications on their social network, as the current system just isn’t working.
You can do your bit, though, by sharing this blog article with your friends on Facebook.
Please take care when you’re online, and consider joining the Sophos page on Facebook to be kept informed of the latest security threats.Follow @gcluley