Facebook Security and Privacy

Nov 20, 2013

Facebook Security and Privacy Issues

Brian Allen

Network Security Analyst

Washington University

December 2, 2010

Alumni House


Today’s Discussion Items

Social Networking Security and Privacy:

Facebook photo settings

Phishing examples

Facebook and Computer Tips

Ursa Bear Observations


Highlighted Facebook Malware: Koobface

Twitter Phish 1 of 2

Twitter Phish 2 of 2

Facebook Options

Facebook User

Facebook Page

Facebook Group

Open: All content is public.

Closed: Limited public content. Members can see all content.

Secret: Members and content are private.

Facebook Group Problems

1. Members can add friends. No confirmation is required by the person being added.

One of your “friends” could add you to the new, closed “Al-Qaeda lovers” group.

2. When Facebook group administrators step down, anyone else can take over.

For small groups, administrators can edit a group name or info, moderate discussion, and message group members.


Social Network Policy


http://isc.sans.edu/diary.html?storyid=9733


http://isc.sans.edu/diary.html?storyid=9826


Link Security Tips


Use caution when clicking a link or opening an attachment, even if sent or posted by a friend.

If you have any doubt, get confirmation directly from the sender.

Be wary of messages that include attractive offers or urgent requests.

Watch out for links that require you to immediately provide a login and password.

Type the URL (for example, www.facebook.com) directly into your browser address bar.

Browser Security Tips


Use Firefox as your regular browser and have it automatically update itself.

Firefox 3+ has Phishing and Malware Protection on by default to help keep you safe.

Use the Adblock Plus Firefox Addon.

Use the NoScript Firefox Addon (for diehard users only)

Four OS Security Tips


Make sure the operating system has:


Automatic updates turned on

Up-to-date Anti-virus/Anti-spyware


Firewall turned on


All accounts have strong passwords

Facebook Security

Facebook provides easy tools to help you:

Keep track of your activity

Keep track of your logins

Control the information you share

Prove your identity if you ever lose access to your account

Facebook Security Tips

Facebook Account Security

Facebook Download Info

Ursa Bear 1

Ursa Bear 2

Ursa Bear 3

Ursa Bear 4

Ursa Bear 5


What To Do With A Scam


If you come across a scam, report it so that it can be taken down.

Facebook provides report links next to most pieces of content, as well as ways to report spam messages and emails.

You can also let the Network Security Office know about it.

Koobface Botnet

Koobface made an estimated $2m since July 2009

It makes money by selling scareware (fake anti-virus), doing click fraud and other scams.

Koobface targets Facebook and other sites.

400,000+ bots; 20,000+ fake Facebook accounts

Tricks users into executing malware disguised as Flash updates needed to view shocking content.

The malware turns compromised PCs into zombie drones under the control of hackers.

http://www.theregister.co.uk/2010/11/15/koobface_take_down/

Fake Anti-Virus Screen Shot


Koobface Botnet

How it works in one example:

Koobface is a Russian-based botnet

The threat arrives as a Facebook private message that contains a supposed link to a YouTube video

Don’t Click the LINK!

Koobface Example Continued

Users who are tricked into clicking the link are redirected to other pages until they finally end up at a spoofed YouTube site called YuoTube

Don’t Trust the “Adobe Flash Update”!
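
The YuoTube spoof described above works by swapping two letters of a name the user already trusts. As an added example (not part of the original slides), this Python sketch flags such near-miss hostnames in a link; the watch list, the distance threshold and the sample links are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumed watch list: real domains of the sites named on the slides.
KNOWN_DOMAINS = ["youtube.com", "facebook.com", "twitter.com"]


def osa_distance(a, b):
    """Edit distance where insert, delete, substitute and swapping two
    adjacent characters each cost 1 (optimal string alignment)."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)  # adjacent swap
    return d[len(a)][len(b)]


def classify_link(url, max_distance=2):
    """Return (verdict, matched_domain): 'trusted', 'lookalike' or 'unknown'."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    labels = host.split(".")
    # Crude registered-domain guess: last two labels (assumption; a real
    # deployment would use a public-suffix list for suffixes like .co.uk).
    domain = ".".join(labels[-2:])
    if domain in KNOWN_DOMAINS:
        return ("trusted", domain)
    for known in KNOWN_DOMAINS:
        # Near-miss spelling of a known domain, e.g. two letters swapped.
        if osa_distance(domain, known) <= max_distance:
            return ("lookalike", known)
    for known in KNOWN_DOMAINS:
        # Brand name used as a label of some other domain.
        if known.split(".")[0] in labels:
            return ("lookalike", known)
    return ("unknown", None)


if __name__ == "__main__":
    # Constructed sample links, not taken from the slides.
    for link in ["http://www.yuotube.com/watch?v=abc",
                 "https://www.facebook.com/login.php",
                 "http://facebook.com.example.net/login"]:
        print(link, "->", classify_link(link))
```

A "trusted" verdict only means the hostname belongs to a domain on the watch list; it says nothing about the content behind the link.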

How Koobface works

It searches for social-networking-related cookies and connects to these using saved login sessions.

It then navigates through users’ pages to search for their friends.

It phones home to get the actual message that the worm will then spread to your friends.

McAfee says it is not unusual to see 10,000 Koobface variants in one month.

http://blogs.mcafee.com/mcafee-labs/malware-at-midyear-a-summary

TrendLabs considers Zeus and Koobface to be the most prolific malware families

http://us.trendmicro.com/imperia/md/content/us/trendwatch/researchandanalysis/tm101hthreat_report.pdf

Koobface Targets Mac OS X

A new version of Koobface attacks Mac OS X and spreads through Facebook.

Security company Intego says this version uses a malicious Java applet to attack users.

http://krebsonsecurity.com/2010/10/koobface-worm-targets-java-on-mac-os-x/

Facebook Survey Scam

A message is posted with an enticing link.

It appears to be posted by one of your friends.

Facebook Survey Scam

Clicking the link takes you to a page which makes you “Like” the page before showing you the “SICK hidden message” from Toy Story 3.

Facebook Survey Scam

The goal for this scam is to direct users to an online survey.

The survey is required if you want to view the Toy Story 3 content.

The scammers make money for the traffic they bring to the survey, and the survey-makers will benefit from collecting your data.