Humans under fire: Being attacked via Social Media

In previous blogs I discussed how educating users in a business environment would help improve cyber security for the company and empowering the users allows them to carry the awareness back home and further extend the corporate firewall.

Hoaxes and chain letters are also a form of virus – they propagate from messenger to messenger and mailbox to mailbox by people. There are sites like Snopes that allow you to confirm or debunk those messages you receive that seem vaguely authentic.

Hackers are always trying to gain access to a person’s computer, whether it be at home or at work. A person’s home computer can be used as a stepping stone for attacks against their company. Once a computer is infected, keystrokes and screenshots can be captured, credentials can be stolen and used to hack into companies. Infected computers can be used as launchpads for attacks against other computers on the Internet. If the right people are hacked, unauthorized banking instructions can be given.

Some attacks are propagated through email and are fairly easy to detect and avoid. A new virus doing the rounds hijacks a person’s Facebook account. Although it has been active in the US for a while, it is finally making its way to smaller countries like South Africa. With social media being so pervasive, it is an ideal platform to propagate on.

The current virus doing the rounds appears on a person’s Facebook wall as a post from a friend. It contains a copy of their profile picture with a shortened web link underneath that purports to be to a video containing the victim. Clicking on the link takes a person to a malware riddled site and installs a Facebook application onto the victim’s profile. The primary function of this virus is to:

  • Steal system information
  • Steal facebook account information
  • Steal browsing history
  • Steal email accounts and other passwords
  • Spam the victim’s friends list with a message in the same way it was received

Once a malicious application is installed in a person’s facebook profile, it is a virtual gateway for any sort of malfeasance. Fortunately cleaning Facebook accounts is pretty easy. They can go into Settings then Apps and remove any unwanted and / or unknown applications. It is then advisable to change all passwords and if need be, inform friends who may have been contacted without the victim’s knowledge. Regardless of the situation, the original poster would have to be notified so that they can proceed with the same remedial steps. As with any infection, a full system scan should be completed with a well respected anti-virus product which should be installed at all times.

Users should always be vigilant when interacting on the Internet and when receiving suspect messages, posts or emails, should confirm their validity with the sender. An informed user is a safer user both at home and at work, and therefore an important market-focus for us at Applxbridge.

The following two tabs change content below.

Andrew Smith

Andrew is a senior systems-engineer with over 20 years experience in corporate and small business environments. This includes consulting for large ICT service providers. He has supported systems at every level in the organization, including infrastructure, operating systems, applications, and perimeter protection. He also collaborates with software development teams on web, database, and infrastructure security. Andrew has co-founded multiple ICT businesses, where he advises on cybersecurity strategies and policies. Andrew has a 3-year National Diploma in Electronics (light current).

Latest posts by Andrew Smith (see all)