27 February 2009

facebook virus prevention tips

Posted by Jerry Kidd under: Computer Security; How to... .

Recently subscribers to facebook have been receiving emails from people in their networks that at first glance appear to be legitimate invitations. However, if you should click on the link in the email it will take you to a site that will attempt to install a Trojan horse program on your computer.

Should that happen your computer could be disabled, it could be used to further transmit bogus invitations, it could be searched for sensitive information, it could become a relay for spam or many other nefarious activities.

One of the joys of sites like facebook is that they allow you to connect and keep up with your networks. In an active facebook network you might expect to get several of these requests a week. More if you have a large and active network.

So, the question is how can I tell what is a legitimate request and what isn’t? And then the next question is what happens if I accidentally click on one of these links?

Let’s tackle the first question. Here is a picture of a recent Facebook invitation that leads to a Trojan site. (It’s only a picture; none of the links will work) I’ll discuss how you can use this as a model to determine what is real and what is dangerous.

Item 1: This is a legitimate Facebook sender. The problem with these Facebook invites is that the user account of some poor soul on Facebook has been hacked and is being used to send these emails directly from Facebook.

Item 2: It is coming from someone that you know so you think it’s safe to take action on the contents. This is nothing new and has been used for years by virus senders, so you should already know to be cautious when opening ANY email. Right?

Item 3: Here is where the first clue comes in to play. Notice the mis-spellings. Are you really subject to a spy camera? Probably not. This should set off your spider sense that something is wrong.

Item 4: Here is the giveaway. Starting from the left and reading to the right, we see: http://www.facebook.com/1.php?u= so far so good, but then it continues with another http://adreeanalin… This link makes you think that it goes to Facebook but it actually wants to redirect you to another web site. You should make it a practice to look at the links in these emails. If there is more than one http in a link you would be best served to NOT click on it. Instead call the sender and ask them if they sent you an invitation. You need to call your sphere more often anyway!

Items 5 an 6: These may be legitimate links, but since we have already identified this as a dangerous email, there is no reason to go experimenting. Delete the email and empty your Deleted Items Folder. Next, log in to Facebook and Open your Inbox and delete the Invitation from there as well.

But, you say, what if I mis-read this and click on it anyway?

Here is where I will answer the second question. If you have kept your computer up to date with all of the Microsoft updates, and if you have installed a modern Anti-Virus platform that also monitors your surfing activities, chances are good that you will either be warned that you are attempting to visit a dangerous web site and you will prevented form completing the action. Older Antivirus software that is kept current with updates may not warn you that you are visiting a dangerous site, but they will probably not allow the Trojan to infect your computer.

So, keep your software updated. And pay attention to what you click on. You are the best first line of defense when it comes to safe computing. By the way, be sure to have current backups of your data, if your computer does manage to get infected, sometime the only sure remedy to effect a repair is wipe off your hard drive (Or even install a new hard drive). If your data isn’t backed up, you will lose it all, which could be a real disaster.

4 Comments so far...

Leave a Reply

Name (required)

Mail (will not be published) (required)

Website

Notify me of followup comments via e-mail