Attention Facebook and Twitter users: You’re still at risk. Last year, our survey found that lots of people using social networking sites were taking the risk of financial loss, identity theft, and malware infection. Have things gotten any better? Well, the answer is yes but, unfortunately, not better enough — and potentially a lot worse for some of you.
The results of our 2010 survey reveals that more of you are adhering to some safe behaviors — like blocking profiles from being visible through public search engines. That’s a good thing, but the downside is over 25 percent of you haven’t changed your default privacy settings. And more that three quarters of survey respondents haven’t placed any restrictions on who can see their recent activity.
I worry about this because you can’t escape the fact that rogue operators are always trying to extract details about you. They want access to anything that can help them dig into your private life. They can break into Web mail accounts, get your credit card number, steal your identity, or even attack you through cyber-stalking.
And they’ll do anything to get the info, from attacking you with malware to tricking you into revealing passwords.
With that, and our survey in mind, on the following page I’ve posted a few suggestions you can follow to protect yourself.
Spammers hawking “fun videos” have been worming their way into Google Groups, the global message board Google built on the skeleton of the old Usenet network. Only, the pages the spammers point victims to, which don’t actually contain videos, come with a nasty surprise: Rogue antivirus apps.
The attacks began late last year, but have been increasing in frequency through the holidays, and haven’t abated in the new year. The users sending out the spam messages all use free Gmail accounts (one even named his spam account Santa Claus), and have been requesting access to both open-membership and closed-membership Groups, the latter of which require an administrator’s approval. Once added to a group’s member list, the spam accounts post brief messages (an example shown at left) with a link.
The URLs originate from a number of link-shortening services, but they all work the same way: Each shortened link points to a different, unique subdomain of the Utah-based free Web hosting service 150m.com. Those pages contain a single line of code which redirects the browser to one of several servers with Chinese domain names. Those servers, in turn, redirect the browser to the website hosting the rogue antivirus installer. The shortlinks and Chinese websites only remain viable for a day or two, at most.