Facebook Options
Facebook User
Facebook Page
Facebook Group
– Open: All content is public.
– Closed: Limited public content. Members can see all content.
– Secret: Members and content are private.

Facebook Group Problems
1. Members can add friends. No confirmation is required by the person being added.
– One of your “friends” could add you to the new, closed “Al-Qaeda lovers” group.
2. When Facebook group administrators step down, anyone else can take over.
– For small groups, administrators can edit a group name or info, moderate discussion, and message group members.

Social Network Policy
http://isc.sans.edu/diary.html?storyid=9733
http://isc.sans.edu/diary.html?storyid=9826

Link Security Tips
– Use caution when clicking a link or opening an attachment, even if sent or posted by a friend.
– If you have any doubt, get confirmation directly from the sender.
– Be wary of messages that include attractive offers or urgent requests.
– Watch out for links that require you to immediately provide a login and password.
– Type the URL (for example, www.facebook.com) directly into your browser address bar.

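The link tips above, as an added example that is not part of the original slides: a link can show the name www.facebook.com and still lead somewhere else, and this check reports the host a browser would actually connect to. The trusted-domain list and the sample links are constructed for illustration.

```javascript
// Added example. TRUSTED_DOMAINS and SAMPLE_LINKS are constructed for illustration.
const TRUSTED_DOMAINS = ["facebook.com"];

// Report which host a link really leads to, using the same URL parsing rules as a browser.
function checkLink(link) {
  let url;
  try {
    url = new URL(link);
  } catch (err) {
    return { verdict: "invalid", host: null, reasons: ["not an absolute URL"] };
  }
  // Drop a trailing dot so "facebook.com." compares equal to "facebook.com".
  const host = url.hostname.toLowerCase().replace(/\.$/, "");
  const reasons = [];
  if (url.protocol !== "https:") reasons.push("not https");
  if (url.username || url.password) reasons.push("text before '@' is not the host");
  if (host.split(".").some((label) => label.startsWith("xn--"))) {
    reasons.push("internationalized name, may contain look-alike letters");
  }
  // Trusted only on an exact match or a true subdomain (note the leading dot).
  const trusted = TRUSTED_DOMAINS.some((d) => host === d || host.endsWith("." + d));
  if (!trusted) {
    if (TRUSTED_DOMAINS.some((d) => host.includes(d.split(".")[0]))) {
      reasons.push("trusted name used inside a different domain");
    }
    return { verdict: "untrusted", host, reasons };
  }
  return { verdict: reasons.length ? "suspicious" : "trusted", host, reasons };
}

// Constructed samples; the .example hosts are reserved names, not real sites.
const SAMPLE_LINKS = [
  "https://www.facebook.com/login.php",            // the real site
  "https://www.facebook.com.login-check.example/", // real name used as a subdomain prefix
  "https://www.facebook.com@login-check.example/", // real name placed before '@'
  "https://notfacebook.com/",                      // name only ends the same way
  "http://www.facebook.com/login.php",             // right host, unencrypted
];

for (const link of SAMPLE_LINKS) {
  const r = checkLink(link);
  console.log(`${r.verdict.padEnd(10)} host=${r.host}  ${r.reasons.join("; ")}`);
}
```
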
Browser Security Tips
– Use Firefox as your regular browser and have it automatically update itself.
– Firefox 3+ has Phishing and Malware Protection on by default to help keep you safe.
– Use the Adblock Plus Firefox add-on.
– Use the NoScript Firefox add-on (for diehard users only).

Four OS Security Tips
Make sure the operating system has:
– Automatic updates turned on
– Up-to-date anti-virus/anti-spyware
– The firewall turned on
– Strong passwords on all accounts

Facebook Security
Facebook provides easy tools to help you:
– Keep track of your activity
– Keep track of your logins
– Control the information you share
– Prove your identity if you ever lose access to your account

What To Do With A Scam
– If you come across a scam, report it so that it can be taken down.
– Facebook provides report links next to most pieces of content, as well as ways to report spam messages and emails.
– You can also let the Network Security Office know about it.

Koobface Botnet
– Koobface has made an estimated $2m since July 2009.
– It makes money by selling scareware (fake anti-virus), doing click fraud and other scams.
– Koobface targets Facebook and other sites.
– 400,000+ bots; 20,000+ fake Facebook accounts.
– It tricks users into executing malware disguised as Flash updates needed to view shocking content.
– The malware turns compromised PCs into zombie drones under the control of hackers.
http://www.theregister.co.uk/2010/11/15/koobface_take_down/

How KoobFace works
– It searches for social-networking-related cookies and connects to those sites using the saved login sessions.
– It then navigates through users’ pages to search for their friends.
– It phones home to get the actual message that the worm will then spread to your friends.
– McAfee says it is not unusual to see 10,000 Koobface variants in one month.
http://blogs.mcafee.com/mcafee-labs/malware-at-midyear-a-summary
– TrendLabs considers Zeus and Koobface to be the most prolific malware families.
http://us.trendmicro.com/imperia/md/content/us/trendwatch/researchandanalysis/tm101hthreat_report.pdf

Koobface Targets MacOSX
– A new version of Koobface attacks Mac OS X and spreads through Facebook.
– Security company Intego says this version uses a malicious Java applet to attack users.
http://krebsonsecurity.com/2010/10/koobface-worm-targets-java-on-mac-os-x/

Facebook Survey Scam
– A message is posted with an enticing link.
– It appears to be posted by one of your friends.

Facebook Survey Scam
– Clicking the link takes you to a page which makes you "Like" the page before showing you the "SICK hidden message" from Toy Story 3.

Facebook Survey Scam
– The goal for this scam is to direct users to an online survey.
– The survey is required if you want to view the Toy Story 3 content.
– The scammers make money for the traffic they bring to the survey, and the survey-makers will benefit from collecting your data.