I promise this is not another anti-Facebook rant but is in fact some genuinely useful information. The Sophos team has released some very interesting information about poisoned links (otherwise known as rogue applications) on Facebook; they are problematic and prolific. Have you ever seen this message? “OMG! I didn’t believe you could see whos been looking at your profile but it actually works, I now know who exactly has been looking at my pictures Check it out here”
This is just one example of a poisoned link, and the Facebook team is doing very little to protect its users from these kinds of scams. Watch the video below to see how the poisoned link scams work.
<iframe title="YouTube video player" width="640" height="390" src="http://www.youtube.com/embed/wMFom2x-AEA" frameborder="0" allowfullscreen></iframe>
The IT community is becoming acutely aware of how social networks are being targeted by malicious software. It is reaching a critical point, much like phishing scams did in the early to mid 2000s. There are three major issues that are allowing this spread of harmful software: firstly, the lack of protection offered by the social networks and their reluctance to figure out ways to stop the rogue programs from operating; secondly, the relaxed attitude cultivated by social network communities, which drives people to click without thinking; and finally, the general lack of knowledge that the average user has about malicious software. Basically, people are ignorant of the dangers of online rogue programs.
Cloudmark is a messaging security firm, and its director of security operations had this to say:
“With the rise of dynamic, short messages, popularized by Twitter and mobile text messaging, users have not only reduced their response time to short messages and updates within social networks, but they are more likely to respond as well…Unfortunately this desire to quickly be informed of the events of the world conditions users to read and respond without taking pause to consider the consequences of their actions.”
Smartphones allow us to receive updates directly as they come into our social network accounts; we don’t even have to be logged into those accounts to respond to messages. This kind of quick response increases the chance of people acting without thinking and thus following a poisoned link. Hiding a bad link is much easier on a social network than in an email; again, this shows how the social network climate helps to disguise these rogue programs.
Facebook and Twitter should be doing more to stop the rising tide of rogue programs on their sites. You would assume that by now the Facebook team would have figured out some of the older, more prolific scams like the one mentioned above and put out a warning message or written some code to stop it. The criminal organisations that run these scams are having a great time right now: they have the platform to reach millions, they have very little security to contend with, and they have soft targets. Most people would consider themselves bad at using computers, but they know enough to create social network accounts – nobody wants to miss out on the Facebook revolution. These people create accounts but have very little idea about the dangers they face, and without some knowledge of malicious software it is very easy to walk blindfolded into these scams.