Beware of Facebook frauds and Google goons
Social media and search engine scams are on the rise. Cyberthieves are finding new ways to slip onto your computer and into your pocket. Are you really sure you're safe?
Follow @ifw_cringelyMore headlines today about the seething dark underbelly of the Web creeping up to slime you and your friends.
According to security company AVG, somebody pwned Facebook's CAPTCHA anti-bot mechanism yesterday, either by cracking the code or (more likely) hiring a team of human drones for a few pennies apiece to decode the squiggly letters. They then created false profiles and used them to share a "home video."
[ The Department of Homeland Security recently reported that the IT sector is resilient against serious cyberattacks, but InfoWorld's Roger Grimes says we're losing the war on cybercrime. | Learn how to secure your systems with Roger's Security Adviser blog and newsletter, both from InfoWorld. ]
Launching the alleged video installed an applet that popped up the usual message telling users their systems were infected by malware (which, in a way, they were) and offering a free system scan, followed by a pitch to buy a bogus $50 product.
Per The Register:
The fraudulent profiles display the same picture of a blond-haired, blue-eyed woman, but with slightly different names and birth dates, said Roger Thompson, chief of research at security firm AVG Technologies. Each invites visitors to click on what purports to be a video link that ultimately tries to trick viewers into installing rogue anti-virus software.
The lesson here: Beware of blue-eyed blondes. But you knew that already.
Yes, it's yet another variation on the scareware scam that infected the New York Times' online ad system a few weeks back.
There's something fiendishly ironic about the fact the biggest scam that malware malcontents are pulling these days is pretending to sell products that claim to protect you against malware malcontents. It's like your friendly neighborhood cat burglar announcing he's going into the home security business when it's really just an excuse to case the joint.
