Facebook Security and Privacy Issues Brian Allen Network Security Analyst Washington University December 2, 2010 Alumni House
Today’s Discussion Items Social Networking Security and Privacy: – Facebook photo settings – Phishing examples Facebook and Computer Tips Ursa Bear Observations Highlighted Facebook Malware: – Koobface
Twitter Phish 1 of 2
Twitter Phish 2 of 2
Facebook Options Facebook User Facebook Page Facebook Group – Open: All content is public. – Closed: Limited public content. Members can see all content. – Secret: Members and content are private.
Facebook Group Problems 1.Members can add friends. No confirmation is required by the person being added. – One of your “friends” could add you to the new, closed “Al-Qaeda lovers” group. 2.When Facebook group administrators step down, anyone else can take over. – For small groups, administrators can edit a group name or info, moderate discussion, and message group members.
Social Network Policy
Link Security Tips Use caution when clicking a link or opening an attachment, even if sent or posted by a friend. If you have any doubt, get confirmation directly from the sender. Be wary of messages that include attractive offers or urgent requests. Watch out for links that require you to immediately provide a login and password. Type the URL (for example, directly into your browser address bar.
Browser Security Tips Use Firefox as your regular browser and have it automatically update itself. Firefox 3+ has Phishing and Malware Protection on by default to help keep you safe. Use the Add Block Plus Firefox Addon. Use the NoScript Firefox Addon (for diehard users only)
Four OS Security Tips Make sure the operating system has: – Update automatically – Up-to-date Anti-virus/Anti-spyware – Firewall turned on – All accounts have strong passwords
Facebook Security Facebook provides easy tools to help you: – Keep track of your activity – Keep track of your logins – Control the information you share – Prove your identity if you ever lose access to your account
Facebook Security Tips
Facebook Account Security
Facebook Download Info
Ursa Bear 1
Ursa Bear 2
Ursa Bear 3
Ursa Bear 4
Ursa Bear 5
What To Do With A Scam If you come across a scam, report it so that it can be taken down. Facebook provides report links next to most pieces of content, as well as ways to report spam messages and s. You can also let the Network Security Office know about it.
Koobface Botnet Koobface made an estimated $2m since July 2009 It makes money by selling scareware (fake anti- virus), doing click fraud and other scams. Koobface targets Facebook and other sites. 400,000+ bots; 20,000+ fake Facebook accounts Tricks users to execute malware disguised as Flash updates needed to view shocking content. The malware turns compromised PCs into zombie drones under the control of hackers.
Fake Anti-Virus Screen Shot
KoobFace Botnet How it works in one example: Koobface is a Russian based botnet The threat arrives as a Facebook private message that contains a supposed link to a youtube video
Don’t Click the LINK!
Koobface Example Continued Users who are tricked into clicking the link are redirected to other pages until they finally end up at a spoofed YouTube site called YuoTube
Don’t Trust the “Adobe Flash Update”!
How KoobFace works It searches for social-networking-related cookies and connects to these using saved login sessions. It then navigates through users’ pages to search for their friends. It phones home to get the actual message that the worm will then spread to your friends. McAfee says it is not unusual to see 10,000 Koobface variants in one month. TrendLabs considers Zeus and Koobface to be the most prolific malware families
Koobface Targets MacOSX A new version of Koobface attacks Mac OSX spreads through Facebook. Security company Intego says this version uses a malicious Java applet to attack users.
Facebook Survey Scam A message is posted with an enticing link. It appears to be posted by one of your friends.
Facebook Survey Scam Clicking the link takes you to a page which makes you "Like" the page before showing you the “SICK hidden message" from Toy Story 3.
Facebook Survey Scam The goal for this scam is to direct users to an online survey. The survey is required if you want to view the Toy Story 3 content. The scammers make money for the traffic they bring to the survey, and the survey-makers will benefit from collecting your data.