Posts tagged as:

security

Cybercriminals are selling bulk log-in credentials of social networking sites Facebook and Twitter, and web server management software cPanel.

Security company Trusteer says it has discovered evidence of “factory outlets” where the information is being put up for sale at wholesale rates using underworld advertisements. The information was also available in country-specific batches at $30 a log-in.

Login credentials of financial sites are more valuable to most cybercriminals. The information is harvested by infecting systems with Trojans such as Zeus or SpyEye. In addition to online banking credentials, this malware also captures the login credentials used on the victim’s machine to access other websites.

“To monetize the login credentials that pile up, fraudsters have started setting up “Factory Outlets” to sell them off,” Amit Klein, Trusteer’s chief technical officer, wrote in a blog post.

He stressed that the offering of cPanel credentials was particularly worrisome.

Fraudsters can use the account logins for a web hosting admin system like cPanel to hijack a website and “plant malicious codes on these sites … that can exploit browser vulnerabilities and infect machines through drive-by-downloads.” The next step, in common practice, would be to “lure victims to the site through phishing emails and social network messages,” infecting the victims’ machines to carry out attacks and start the vicious cycle over again.

Access to bulk social network accounts can also be used for spamming and spreading scams on the sites.

“This latest development provides a window into the vast cybercrime aftermarket that has risen up on the internet and been made possible by sophisticated malware. Whether it’s bulk drive-by download infections, bulk login credentials, pre-built web-injects, etc., criminals today have an unprecedented arsenal of tools at their disposal to attack banks and enterprises,” Amit wrote.

Facebook officials told Trusteer that the company actively detects known malware on users’ devices and validates every login to the site to check for malicious activity.


Facebook Paid $40000 In Just 3 Weeks Under Its Security Bug Bounties

Facebook has already paid $40000 to security experts for reporting bugs in its site.

Just three weeks ago, Facebook announced its Bug Bounty program, which rewards Web hackers for finding flaws on its website. The company said on Monday that within this short period, it has paid more than $40,000 in rewards under this program to security experts around the world who have identified vulnerabilities on its site.

Joe Sullivan, chief security officer at Facebook, said, “The program has also been great because it has made our site more secure – by surfacing issues large and small, introducing us to novel attack vectors, and helping us improve lots of corners in our code”.

He also clarified that the company is not just paying $500 for a reported bug but has also offered as much as $5000 for the most serious security holes.

One expert has already received $7000 for flagging six different issues, and the company also paid a $5000 bounty for one really good report. He didn’t mention if there was a maximum amount and didn’t lay out the criteria for determining when one report is better than another.

Facebook is also dealing with bogus reports from people who were just looking for publicity. The program covers only bugs found on the main Facebook website and doesn’t extend to third-party apps that work with the website. The company is providing legal protection to reporters who, in the course of identifying flaws, may have had to break the law.


Facebook on Thursday released the official “Guide to Facebook Security”, aiming to educate Facebook users on keeping their Facebook accounts safe. The guide comes in PDF format and can be easily downloaded from the Facebook Safety Center here: www.facebook.com/safety

The 20-page guide is co-authored by security experts Linda McCarthy and Keith Watson, and Denise Weldon-Siviy, an editor and teacher. It explains how users can:
• Protect their Facebook account
• Avoid scammers
• Configure advanced security settings
• Recover a hacked Facebook account
• Stop imposters

For Facebook, which has over 750 million users across the globe, privacy and security are of crucial importance. People share a great deal of personal information on this platform. If users aren’t acquainted with privacy-protection and security practices, they will be exposing their identity to scammers and fraudulent people.

The guide offers some top tips for staying safe online:
• Only befriend people you know.
• Create a good password.
• Change your password frequently and never share it with others.
• Share your personal information only with trusted people and sites.
• Only download apps from sites you trust.
• Keep your anti-virus software up to date.
• Log into Facebook only once each session.
• Log out of Facebook when you are not using it.
• Beware of enticing links coming from your Friends.

Security on Facebook is a shared responsibility between Facebook and the people using this platform. It is worth looking at this ‘Guide to Facebook Security’ to make your world of social networking secure and protected.


Wikipedia describes phishing as:

… phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.

What this means is that you may one day end up on a web site that looks exactly like Facebook’s login page. Always look at your web browser’s address bar to ensure you are currently at the domain “facebook.com”. If you see something other than “facebook.com” in your address bar, leave immediately and go directly to www.facebook.com.

If and when you encounter a Facebook phishing scam, please report it directly to Facebook.
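The address-bar check described above can be done in code when links are screened automatically. The following is an added example, not code from the original post or from Facebook; `checkLoginUrl`, `TRUSTED_DOMAIN` and the sample URLs are constructed for illustration, and it shows why "contains facebook.com" is not the same as "is at facebook.com".

```javascript
// Added example (not from the original post): host check for a login URL.
// TRUSTED_DOMAIN and checkLoginUrl are names chosen for this illustration.
const TRUSTED_DOMAIN = "facebook.com";

function checkLoginUrl(rawUrl, trusted = TRUSTED_DOMAIN) {
  let url;
  try {
    // The WHATWG parser lowercases the host, splits off any "user@" part and
    // converts non-ASCII lookalike letters to punycode ("xn--..." labels).
    url = new URL(rawUrl);
  } catch (err) {
    return { ok: false, host: null, reason: "not a parseable absolute URL" };
  }
  // Drop a single trailing dot (fully qualified form of the same name).
  const host = url.hostname.replace(/\.$/, "");
  if (host === trusted) {
    return { ok: true, host, reason: "exact match" };
  }
  // Subdomains must end in ".facebook.com"; the leading dot is what
  // rejects a name such as "notfacebook.com".
  if (host.endsWith("." + trusted)) {
    return { ok: true, host, reason: "subdomain of trusted domain" };
  }
  const nameSeen = host.includes(trusted) || url.username.includes(trusted);
  return {
    ok: false,
    host,
    reason: nameSeen
      ? "trusted name appears in the URL but is not the domain being visited"
      : "different domain",
  };
}

// Constructed sample URLs; .example names and 198.51.100.7 are reserved
// for documentation and do not point at real sites.
const SAMPLES = [
  "https://www.facebook.com/login.php",
  "https://facebook.com.account-check.example/login.php",
  "https://www.facebook.com@198.51.100.7/login.php",
  "https://notfacebook.com/login.php",
  "https://f\u0430cebook.com/login.php", // Cyrillic "а" in place of Latin "a"
];

for (const u of SAMPLES) {
  const r = checkLoginUrl(u);
  console.log(r.ok ? "OK   " : "LEAVE", r.host, "-", r.reason);
}
```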
