A computer worm that has previously targeted banking details has now stolen the logins of 45,000 Facebook users and may soon spread to other online accounts...
An animal with no limbs, a computer game from the 1990s and now a pesky computer virus – it’s fair to say the definition of ‘worms’ has changed over the years.
And according to a warning from a security firm, a new variety of this virus has begun targeting online accounts in the UK.
Worming in
The computer worm has stolen usernames and passwords from more than 45,000 Facebook accounts mainly across Britain and France, according to a Seculert blog. The culprit is a somewhat notorious virus known as Ramnit: a piece of malware that last reared its ugly head in October, in the form of a financial scam known as Zeus 2.
Once a computer is infected, the virus hijacks passwords and may target and destroy important software components including Microsoft Office and HTML files.
In addition to this threat, cybercriminals are taking advantage of the fact that many people use the same password for many web-based services. This allows stolen Facebook password data to be used to access other online accounts and corporate networks.
The virus works by worming its way into your Facebook account and spreading malicious links to your friends. These links are usually accompanied by tempting messages urging your friends to click the URL (often by offering bogus free gifts or personal gossip). Clicking through will infect your account and the fraudulent link will be circulated to your friends. It’s essentially a social network variation of the traditional email phishing scam.
Seculert has provided Facebook with information about the stolen data. The social networking site has said it is looking into the threat.
Other worm scams
Online worm viruses are not unique to Facebook. However, they do thrive on social networks. Twitter is a further hotbed of activity. Recently, spam direct messages have been on the up, tempting users to click on fraudulent links through suggestive comments.
In fact, in the process of writing this article I have already received two such messages stating: “You’re in this video” and “I consider this really is some thing chances are you’ll like” (scammers rarely are good with words).
If you click the link you’ll usually be taken to a fake Twitter page where any login details are sent straight to the scammer.
Fortunately protecting yourself from this scam is relatively simple.
Protect yourself
Social network worms work by exploiting the trust between online friends. The scammers hope that because a friend is recommending that you click a link, you will.
Seculert say that Facebook users should be constantly aware of suspicious status updates or messages – even if they are from friends. You should also be on the lookout for poor spelling and grammar (as in the example above), offers that seem too good to be true, generic greetings (e.g. dear customer) and pushy requests for information.
A general rule of thumb is to never click anonymous links, especially if the destination site is unknown. Get in contact with the user sending the suspicious link and ask about it. Or if you know what the link refers to, just find it on the web yourself.
In addition to this, never put personal details into a website you have arrived at through a link. A fraudulent site URL may seem correct at a glance, but look closer and you’ll see a misplaced letter or bogus domain suffix (e.g. twitteri.com). Hovering over hyperlinks will reveal the full URL. Again, if you do need to input data, ignore the link and find the site yourself.
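The "look closer at the URL" check described above can be automated. The following is an added example, not part of the original article: the TRUSTED allowlist, the function names and every sample URL other than twitteri.com are constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: a small allowlist of sites the user really logs in to.
TRUSTED = {"twitter.com", "facebook.com"}

def edit_distance(a, b):
    """Levenshtein distance between two strings, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]

def classify_link(url):
    """Return 'trusted', 'lookalike' or 'unknown' for the host in url."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if not host:
        return "unknown"
    for good in TRUSTED:
        # Exact match, or a genuine subdomain such as mobile.twitter.com.
        if host == good or host.endswith("." + good):
            return "trusted"
    # The last two labels approximate the registered domain
    # (a simplification: multi-part suffixes such as co.uk are not handled).
    registered = ".".join(host.split(".")[-2:])
    for good in TRUSTED:
        name = good.split(".", 1)[0]
        if edit_distance(registered, good) <= 2:   # misplaced letter
            return "lookalike"
        if registered.split(".", 1)[0] == name:    # right name, bogus suffix
            return "lookalike"
        if good in host:                           # trusted name buried in another domain
            return "lookalike"
    return "unknown"

if __name__ == "__main__":
    for link in ("http://twitteri.com/login",
                 "https://mobile.twitter.com/",
                 "http://twitter.com.account-check.example/signin"):
        print(link, "->", classify_link(link))
```

A "lookalike" result means the link should not be followed for logging in; an "unknown" result only means the host resembles nothing on the allowlist, not that it is safe.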
You should also never use the same password for more than one online account. And when you do pick a password, try and make it a cryptic one – have a read of ‘I can crack your pins and passwords’ for some tips on how to come up with the most secure code-words.