Tag Archives: mainstream media

Screwed On A Social Network? – Who’s Fault Is It Really?

Not a day goes by, it seems, when Facebook and the opportunities it presents for cyber criminal activity, isn’t in the News. Not mainstream News, of course, since cyber crime rarely involves sex, or violence.

Mainstream media, where salacious and violent news reports rule the airwaves, determined, it seems to me, it had nothing to gain by advising you of the following, very unsexy, non violent, Facebook threats – all from this week incidentally.

‘LOL is this you?’ spam spreading via Facebook chat

Facebook scam: “I may never text again after reading this”

How to Spot Facebook Scams Like ‘Dislike’

Facebook Fires Back at ACLU’s Criticism of ‘Places’

Facebook Warns of Clickjacking Scam

But, throw Facebook and sex into the equation, and mainstream media are out of the gate as if shot from a cannon.

The discovery, that a pedophile ring which used Facebook as their communication channel had been broken up, and the perpetrators arrested, made headlines around the world, just yesterday.

And why not? This is the kind of news event that allows the media to exhibit their moral outrage and indignation. But, when it comes to occurrences that can effect you, if you are a Facebook subscriber, for example – no outrage; no moral indignation. Curious, no?

Maybe I’m missing something here. Could it be that there’s consensus, in the mainstream media community, that Facebook users who become victims of cyber criminals are getting exactly what they deserve?

At one time, I gave the benefit of the doubt to Facebook users, since most typical computer users (I believed), made assumptions that sites like Facebook, and other social networking sites, were essentially safe, and harmless – that Facebook, and others, were looking out for their users interests.

I’ve long since given up on this rather naive view of Facebook users lack of culpability in any harm they were exposed to though. I find it difficult to be supportive of people who throw common sense out the window, and behave irrationally on the Internet.

Despite my hardened view that Facebook users who fall victim to cyber criminals are not entirely innocent, I was still taken aback by the results of a  study conducted, and just released, by BitDefender.

For study purposes, BitDefender asked the participants to “friend” a test profile of an unknown, attractive young woman.

Selected stats from the study:

More than 86 percent of the users who accepted the test-profile’s friend request work in the IT industry, of which 31 percent work in IT Security.

The most frequent reason for accepting the test profile’s friend request was her “lovely face” (53 percent).

After a half an hour conversation, 10 percent disclosed personal sensitive information, such as: address, phone number, mother’s and father’s name, etc — information usually requested as answers to password recovery questions.

Two hours later, 73 percent siphoned what appears to be confidential information from their workplace, such as future strategies, plans, as well as unreleased technologies/software.

Study methodology:

The study sample group included 2,000 users from all over the world registered on one of the most popular social networks. These users were randomly chosen in order to cover different aspects: sex (1,000 females, 1,000 males), age (the sample ranged from 17 to 65 years with a mean age of 27.3 years), professional affiliation, interests etc.

In the first step, the users were only requested to add the unknown test profile as their friend, while in the second step several conversations with randomly selected users aimed to determine what kind of details they would disclose.

Additional details on this study are available here (PDF), as well as on the MalwareCity blog post.

Given the state of the current, and increasing cyber criminal activity on the Internet, it’s almost certain that exposure to cybercrime on Facebook will continue to escalate, and with it, the dangers that this presents. Given the type of behavior reveled in this study, cyber criminals are sure to have a field day.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.


Filed under BitDefender, cybercrime, Don't Get Scammed, Don't Get Hacked, FaceBook, Interconnectivity, Online Safety, Point of View, Privacy, Safe Surfing, social networking, Windows Tips and Tools

Google: Fake antivirus is 15 percent of all malware – Is this NEWS?

image When I get into one of my “what the hell is going on” moods, I can’t help but consider mainstream media, and what a pathetic job it does when it comes to informing Internet users of critical consumer safety issues.

Part of my distain for so called News organizations, is based on mainstream media’s habit of consistently “coming late to the party”, when dealing with a technology issue that demands an immediate response.

Take Google’s recently released (April 28, 2010), 13 month study of Fake antivirus software, for example. Immediately upon release of this study, this “news” was everywhere on the NEWS.

So, what’s wrong with this “news” story? Well, how about this – This is NOT news! Certainly not “late breaking news”. Simply because this study is not news of course, doesn’t mean that it can’t be MADE news.

Here’s a clue for these News organizations – every day, for years now, typical Internet users’ have been exposed to this type of sophisticated malware and penetration attempts, just by surfing the Web. Oh, by the way, when you’re giving advice to consumers as to how they should deal with these issues – get the underlying technology issues right. That’s a minimum expectation!

The Google report is only marginally informative, contains limited new Internet security information of any value, and is, on the face of it, not news to anyone who has been even marginally aware of security conditions on the Internet during the past two years. Despite this, I found that every News channel that I generally watch, had a story in which the Google study was quoted.

Selected outtakes from the Google study:

A rise in fake antivirus offerings on Web sites around the globe shows that scammers are increasingly turning to social engineering to get malware on computers rather than exploiting holes in software.

Once it is installed on the user system, it’s difficult to uninstall, you can’t run Windows updates anymore or install other antivirus products.

Fake antivirus is easy money for scammers.

On this site, (like many others), we have been reporting on Fake AVs (rogue security software) since the first day essentially – more than 100 articles to date.

Additionally, guest writers on this site have addressed the fake AV issue. Guest writers such as Sergei Shevchenko, Senior Malware Analyst at PC Tools, who, in his guest article, “Be Prepared for 2010’s Malware – PC Tools Malware Trends in 2010”, offered readers a peek into the 2010 malware landscape and made the following observations respecting Fake antivirus applications – long before Google’s report.

Cybercriminals operate in the same way as legitimate organizations – they’re looking for the best return on their investment. It’s therefore inevitable that as we move in to 2010 there will continue to be increased interest in producing malware that brings swift and healthy dividends, with a focus on new and diversified rogue security solutions and in continuing to employ social engineering techniques.

When the initial “accumulation” phase of the rogue security software businesses comes to completion, we might expect cybercriminals to start using their budgets for establishing call centers, support lines, virtual offices, registering off-shore companies, and even launching advertising campaigns.

Users who keep an eye on the range of security software solutions on the market will be aware that many vendors already provide at least one of these services. The difficulty lies with making an informed choice on which offers the best protection – and that’s where the independent anti-malware testing labs come to the fore.

I’ll stop ranting now.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.


Filed under Bill's Rants, cybercrime, Google, Interconnectivity, Internet Security Alerts, Rogue Software