tag
Facebook

Armor-Piercing Rounds for Chain Mail

In my copious free time, I contribute to and in some cases maintain a number of other blogs (the ones with a security bias are listed in my signature here). The chainmail/hoax checking page at http://chainmailcheck.wordpress.com/ was specifically set up to explore a hoax/chainletter mitigation project that's still in the preparatory stages, but I've been posting

“Londoning”: Mugs and Muggings Revisited

Last summer (June 2009), I posted about an example of a very common scam that relies on the scammer gaining access to someone else's email or Facebook account, then sending messages to all their contacts claiming that they've been mugged while abroad on business or vacation, and need their friends to send them some money

PleaseRobMe

We seem to have pointed out rather often recently that giving away lots of information on Facebook, Twitter and other social network sites isn't a good idea. PleaseRobMe claims, somewhat amusingly, to be a resource for burglars, saving them the trouble of searching through Twitter and Foursquare for information on whose house is currently unoccupied. In

Hoy nos escribe: el fundador de Facebook

Parece que los hoax han llegado definitivamente a la red social más popular. Luego del incidente de hace unos días con el falso mensaje respecto a la aplicación Unnamed App, otra vez alguien se ha tomado el trabajo de distribuir un mensaje en cadena por Facebook. Les recuerdo que los hoax son mensajes falsos, distribuidos

Ten Ways to Dodge Cyber-Bullets (Part 6)

[Part 6 of an occasional series, updating a blog series I ran in early 2009 to reflect changes in the threat landscape. This series will also be available shortly as a white paper.] Social Networks Can Be Very Anti-Social Don’t disclose sensitive information on websites like FaceBook or LinkedIn if you can’t be sure that you

Unnamed App: it’s the SEO that matters, not the app

As more information and discussion has come in on this, it now merits an update in its own right. It seems that there is at least one other unnamed app around as well as the Boxes issue, and while I've no reason to assume that it's malicious, I'd hardly advise that you rush into installing

Verified by Visa – Pushmi-pullyu*

* http://en.wikipedia.org/wiki/Pushmi-pullyu#The_Pushmi-pullyu In an article in the Register with the eye-catching title of "Verified by Visa bitchslapped by Cambridge researchers", John Leyden comments on the argument by Cambridge researchers Ross Anderson and Steve Murdoch that the 3D Secure system, better known as Verified by Visa or Mastercard Securecode is better suited to shifting liability for

Unnamed App Facebook Scam

[Update: There's been quite a lot of discussion and extra information coming in on this. It seems to me that there is at least one unnamed app around as well as the Boxes issue, and while I've no reason to assume that it's malicious, I'd hardly advise that you rush into installing an application when

McAfee Teams Up With Facebook

You may have seen the news that Facebook is teaming up with McAfee to improve security. Frankly, providing users with McAfee’s product is not likely to do much in terms of improving security. Facebook users all over the world have access to free and paid solutions, so this isn’t likely to make a big difference.

What Does The World Know About You?

Social networking sites have become living biographies of people and may set them up for social engineering attacks. From time to time I enjoy looking to see what I can find out about people who send question to me using the AskESET@eset.com address. I won’t ever name names, but I wanted to share one example.

Your Data and Your Credit Card

[Update: I had a couple of machine crashes while I was writing this, and only just realized that a pointer to Allan Dyer's excellent article at http://articles.yuikee.com.hk/newsletter/2009/12/a.html hadn't survived to the final version. Which is a pity, because it's very relevant, and well worth reading.] Over the weekend, I posted a blog on the AVIEN site

The Internet Book of the Dead

This blog is a bit of an oddity. ESET UK were approached by Dan Damon, a reporter putting together a piece about “the complications of a digital world when someone passes away”, asking if there was someone at ESET who would be interested in being interviewed for BBC1 radio on the subject. The request got

Hold the jemmy a second, I need to check Facebook

The Journal of West Virginia reported yesterday that 19-year-old Jonathan G. Parker was charged on Tuesday with felony daytime burglary. He’s alleged to have stolen two diamond rings worth more than $3,500, but to have taken some time out to access his Facebook account on the victim’s laptop. If the report is correct, it seems that

Fan Check: Fretting about Facebook

Update: Lysa Myers, of West Coast Labs, has confirmed that she knows of a number of people who’ve used the application and didn’t see anything fishy happening. It did offer to send emails outside Facebook but didn’t insist on it, so it’s hard to see where the messages from unapproved contacts are coming from. I’ll

ThreatSense.Net® Report for July

Our July ThreatSense.Net® report has been released today, and will eventually be available from the Threat Center page here. Most of the top ten entries are old friends: well, familiar names might be a better way of putting it. One of the disadvantages of having a scanner that makes heavy use of advanced heuristics is

There’s Security, Then There’s Social Security

How secure is your Social Security Number? If your answer is "Very: I only ever give it to organizations who are entitled to know it", that may not be as safe as it sounds. Of course, there are a couple of fairly generic issues: some legitimate, convenient organizations may ask for it who are, nevertheless,

Nothin’ tweet about me

I’m still getting the occasional request to follow on my most obscure Twitter account, which is protected (meaning that I have to approve requests to follow me on there). Sorry, but if I don’t know who you are, you won’t get approved on that one. Even if I do know who you are, you won’t

Social Networking or Social Suicide?

I just read a startling news story about how someone didn’t understand what NOT to post on Facebook. The article titled “British spy chief’s cover blown on Facebook” tells how the wife of Sir John Sawers put up way too much information on Facebook. You can read the story at http://tech.yahoo.com/news/nm/20090706/tc_nm/us_britain_mi6 You don’t have to

Mugs and Muggings, Scams and Facebook

The estimable Gadi Evron has posted an article at DarkReading about a dialogue he was caught up in on Facebook. One of his contacts popped up in a Facebook Chat window and told him how she’d been been held at gunpoint and robbed in London, losing her credit card, cash and mobile phone. Well, having

Facebook: Computeracy by Degrees

When I first went to university at the end of the 1960s (yes, I really am that old, though not quite old enough to be of that generation that only remembers that decade through a haze of psychedelic phenomena), my choice of social sciences was regarded as somewhat fluffy. It was the age of "the

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

4 articles related to:
Hot Topic
03 Apr 2010
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.