Sophos Cloud Optix
Is a security weakness on Facebook allowing cybercriminals to post spam messages directly onto users’ walls?
Overnight, a number of users have been seen posting messages like the following on their Facebook
walls:
Apple is giving away 1000 Iphone4s i just got mines =)
Of course, Apple isn’t really giving away 1000 iPhone 4 smartphones, and clicking on the link takes you to a website which promotes a “make money fast” scheme, attempting to recruit home workers.
Tempted? I didn’t think you would be. But maybe some users in these cash-strapped times would be interested in discovering how they could make some extra pennies.
Even if you aren’t interested, you’ll find that the webpage is pretty determined for you not to leave without signing-up..
What’s particularly interesting is that this latest wave of spam messages say they were posted “via Email”.
That’s the facility Facebook supplies to post status updates to your Facebook page remotely, just by sending an email to a unique address (every Facebook account has a specific email address for this purpose).
My guess is that the facility may have been compromised, and scammers have found a way to update users’ statuses of users by sending an email message directly to their walls.
We saw an attack apparently using the same technique last month, posting messages from users’ accounts saying that they had claimed a free iPhone.
Again, on that occasion, users ended up being taken to a “make money fast” website.
We have sent a message to Facebook’s security team, asking them to look into this latest attack. Hopefully they will be able to shut it down, and investigate if a security flaw exists.
You must think before you click on links on Facebook. If something sounds too good to be true, it probably is. You can learn more about security threats on the social network and elsewhere on the internet, join the Sophos Facebook page.
That would suck, especially if advertised through something as personal as facebook. For one I would suggest better security tecniques. Encryption is something that many websites seem to slack on, but then again many devices do the same by not or only partially supporting the latest security algorithms. Https would be a start throughout the entire site and not just for the initial login. Also better monitoring of accounts and possibly some kind of script to intelligently sniff out these malicious posts or
links and remove them.
I also came to notice that facebook link scam is spreading more and more. Facebook should seriously look after this problem. I can't believe people still fall for that kind of scam, though. Maybe you should reccomend this little helper here: http://brain.yubb.de/ . 🙂 Take a look (if you know German that is).
Facebook & Security seem to be mutually exclusive terms.
So, how can you rate Facebook on these terms?
You should post how to stop this kind of thing when it happens. This is only for those spammed to their wall “via Email” Follow these instructions:
Go to “Account Settings”….Click on the “Mobile” tab. Then click on “Go to Facebook Mobile” Then click on “Send Me My Upload Email” At the bottom of the paragraph titled “Tips” there is a link to refresh your upload email…click that. Just remember that FB will only allow you to refresh this email only a few times.
Facebook and Security are oxymorons??? They are also an antonym because although they seem incompatible, they fit the criteria of 'inheritness'. It's a given that when you say Facebook, you think insecure/unsafe.
Thank you for this post. The business page that I'm the admin on (www.facebook.com/intelligence2) has been affected by this spamming problem since the weekend (4 days and counting). We have reset our "upload via email" address several times since then but the iPhone 4 spamming messages "via email" continue. If you have any more pointers about how to solve this problem we would be extremely grateful. Our Facebook followers were initially sympathetic and are now getting a little angry!
Hard to say without seeing your account but one thing I would look at is this…
Check all the accounts belonging to your page's administrators. Make sure that all of them are squeaky clean (no rogue apps, new carefully-chosen strong passwords that can't be easily broken through brute force, harden your privacy settings, refreshed mobile email addresses)
You could also contact Facebook security and ask them what on earth is going on..
im having the same problem as intelligence, i never even filled out 1 of those survey things… ive reset my email a few times, how can i get it to stop? please help..
Maybe it's time to change your password to something unique, and hard-to-guess (NOT a dictionary word).
Double-check all the applications that have access to your profile, and revoke permissions for any that you don't feel are essential.
Good luck.
i’d say my passwords are pretty good and ive changed it about a dozen times, i dont think there’s anyway they could guess it that many times.