Outreach Information Services

Facebook Malware Risks

There has been a growing number of viruses/malware that target users of Facebook (as well as other social networking sites such as MySpace) that are designed to either steal your login information or cause some level of damage to your computer. The two main forms of delivery start the same way, sending you a message either through Facebook or directly to your e-mail account.

In the case of messages sent via e-mail, you should first verify that the message is actually from Facebook (*.facebook.com/) and not from another party pretending to be Facebook. If you are unsure as to whether or not the message is authentic, do not click on any of the links contained within the message, but rather go to the Facebook website and log into the site using Firefox or Internet Explorer. If the e-mail asks you for your username or password, it is most likely not a legitimate message but rather a scam to get your account information. Please note that though I am discussing Facebook here, you could substitute most any other company (like your bank) and the same would still apply -- never give out your username or password in an e-mail and if an e-mail asks you to do so, the probability that the e-mail is a fraud exceeds 99.999%.

In regard to internal messages sent to you on Facebook or most any other social-networking site, people are starting to get messages telling them to check out a video online. Even though the message appears to come from a friend, you need to treat the message with caution since it may be a fake message that only appears to be from your friend but in truth is not. Though most videos online do not contain viruses or malware, there is now a virus going around called Koobface. The Koobface virus works by convincing you to install an update for Windows Media Player and/or Adobe Flash Player. In either case, the update is not actually an update but is rather a way of getting you to install the virus. Once the virus is installed, your computer will start to send out malicious e-mail messages as well as send out messages to your friends on Facebook and other sites telling them to check out a video and thus repeat the cycle.

If you think that you may have already fallen victim to this attack, please request assistance from OIS by clicking on the Kaseya icon (maroon and orange question mark near your clock) and selecting "Request Assistance" from the menu, or send an e-mail to ois@exchange.vt.edu Doing either will create a help request ticket and a member of the OIS team will contact you to provide assistance in removing the virus.

If you have any questions about the virus itself, please contact me via e-mail at jkgoodman@vt.edu or read the following article from Kaspersky
Labs: http://www.kaspersky.com/news?id=207575670

 

Author: Joseph K. Goodman