The Federal Bureau of Investigation recently released a statement warning of phishing scams on sites such as Facebook, Twitter, Myspace, and LinkedIn. In these hacker attempts, a message is sent to a user’s profile page instructing the user to download an application, watch a video, or even simply visit a specific Web site. These supposed services are infected with viruses or spyware designed to exploit the user.
What makes these hacker attempts especially misleading is often these messages appear to be sent by the user’s friends. In reality, the user’s friend has been infected by a similar attack and isn’t even aware of the message being sent. If the user complies with the message and goes to the Web site or installs the program, the hacker-sponsored item installs a virus or spyware on the user’s computer. These programs can monitor the user’s keystrokes, steal personal information, and even take control of the user’s profile on the social network, sending messages to the user’s friends. These messages instruct them to do the same.
There are several ways for social networking users to avoid these issues. The first and foremost method is to be selective of who they accept as a “friend,” since friends have access to a large amount of personal information. Secondly, users should adjust their privacy settings to be less revealing to outsiders. Many networking sites have provided very useful tools for achieving this. Finally, be wary of any invitation sent by an online friend; if their account has been hacked they may send messages designed to infect the user’s profile as well.
Click here to read the article (about one-fifth of the way down)