Secure Your Facebook

Facebook has finally wroke up and decided to offer a secure browsing option for it’s members. This is a critical new feature because it allows you to access Facebook on a secure connection (https as opposed to http). This however is not turned on by default but you can reportably manually activate this feature from “Account Settings”. When I recently opened my “account settings” this option was not there yet. Perhaps Facebook is rolling this out soon so check your “account settings” from time to time to see if the feature has been added to your account.

I did however try the secure connection manually and it is available and working.
You can manually access the secure connection by entering https://www.facebook.com in your browser and signing in. Then replace this secure connection as your “favorite” anywhere you previously had your Facebook link.

This secure connection is the same type of connection utilized for banking and it protects the privacy of your information. Phising sites and other questionable sites are unable to see your information when you use a secure connection.

Altough Facebook warns that using the secure connection may slow down some surfing because of the encrypted session I would not worry so much about this. Another problem may involve some third-party applications which currently do not support https so be aware of this as well.

This is a big step for Facebook and it has been a long time coming.

New Facebook Profiles Invite New Threat

Facebook is great fun, and can even be a great way to keep in touch with not only your friends and family but your work mates as well. Facebook because of its very nature needs to be used with caution and a good dose of common sense, as the following article clearly proves.

Security officials from Trend Micro caution that malware creators are taking misusing the buzz made by the latest Facebook profiles to push harmful program on to user’s systems with the help of Facebook toolbar.

The toolbar is forged, but is well crafted. The mails appear to have come from Facebook and use the site’s template also. The subject of the mail is “Hello dear friend!” and the message is signed by “The Facebook Team”.

It reads: “Hi dear Friend. Now you can download the Facebook toolbar. Now it will be easier than ever to share and connect with your friends. Thanks”. The message comes with a big green button which says “Download Here”, which on clicking, takes to a site serving a file calledfb.exe for download.

As per Trend Micro, this file is actually a variant of the Zapchast IRC backdoor.

Security expert state that Backdoor.IRC.Zapchast installs IRC scripts and configuration files that enable the infected system to be used as a zombie. The infected machine connects to some IRC channels mentioned in the configuration files and is controlled by the hacker. Also, some Zapchast variants come infected a computer virus called Parite.B.

Cristina Buenviaje, Anti-Spam Research Engineer at Trend Micro said that, lately, Facebook brought in some changes to the profile pages of its users which make it easier for users to display their latest activities and to know about their friends. Also, it is not a matter of concurrence that soon after this change, they started getting fake mails from Facebook, as per the news by blog.trendmicro.com on December 9, 2010.

The security experts claim that it has become an expected pattern. Everytime Facebook initiates some changes; the attackers launch mail campaigns that misuse the change and lure users into installing malware.

Facebook has attempted in the past to increase the security level, but as per from BitDefender, an Internet Security Firm, is filled with Trojan horses, keyloggers and other kinds of malware. The viruses could be found in harmful links and other third-part applications.

You can read the full article here.

1 2 3