Debunking email hoaxes and exposing Internet scams since 2003!


Issue 121 - December 2011 - Page 13

Recent Facebook Porn Attack Highlights Dangers of Misleading 'Security' Warnings


Published on 17th November 2011 by Brett M. Christensen

For two or three frantic days in November 2011, many Facebook News Feeds were hit by a wave of pornographic and violent images. Understandably, this caused a great deal of anger and concern across the network, especially since it was at first unclear exactly how the unsavoury material was spreading. Perhaps somewhat belatedly, Facebook took action to curtail the threat and subsequently issued the following statement:
Protecting the people who use Facebook from spam and malicious content is a top priority for us, and we are always working to improve our systems to isolate and remove material that violates our terms. Recently, we experienced a coordinated spam attack that exploited a browser vulnerability. Our efforts have drastically limited the damage caused by this attack, and we are now in the process of investigating to identify those responsible.

During this spam attack users were tricked into pasting and executing malicious javascript in their browser URL bar causing them to unknowingly share this offensive content. Our engineers have been working diligently on this self-XSS vulnerability in the browser. We've built enforcement mechanisms to quickly shut down the malicious Pages and accounts that attempt to exploit it. We have also been putting those affected through educational checkpoints so they know how to protect themselves. We've put in place backend measures to reduce the rate of these attacks and will continue to iterate on our defenses to find new ways to protect people.

This article is not about the spam attack itself, which has been discussed in detail elsewhere, but about how a series of inaccurate and misleading "hacker" and "virus" warnings that circulated on the network well before the attack contributed greatly to the general confusion and, ultimately, just made matters worse. As far back as November 2010, the following "warning" was moving rapidly around Facebook:

FACEBOOK FRIENDS!!! SOME APPS ARE SENDING NOT VERY NICE MESSAGES USING YOUR NAME!!! IF YOU DON'T WANT TO GET INTO TROUBLE WITH YOUR FRIENDS, COPY PASTE AND SHARE THE POST!! IF YOU HAVE RECEIVED ANY FROM ME, BE ASSURED I DIDN'T SEND IT

A series of other "warnings" of a similar ilk followed in 2011, including those shown below:

HACKERS ARE DOING DAMAGE AGAIN ON FACEBOOK! PORNOGRAPHIC MOVIES ARE BEING POSTED ON OUR BEHALF ON THE WALLS OF OUR PROFILES! WE DO NOT SEE THEM, BUT OTHER PEOPLE DO, AS IF IT WERE OUR PUBLICATION! SOMETIME EVEN OUR SUPPOSED COMMENTS APPEARS. IF YOU SEE SUCH A THING IN MY HOMEPAGE, ALERT ME AND DO NOT OPEN IT BECAUSE IT IS A VIRUS! ...COPY AND RE POST THIS MESSAGE

THE HACKERS ARE PUTTING SEXUAL VIDEOS TO YOUR NAME IN THE WALLS / PROFILES OF YOUR FRIENDS WITHOUT YOU KNOWING IT. YOU DONT SEE IT, BUT OTHER PEOPLE CAN SEE IT, AS IF THESE WERE A PUBLICATION THAT YOU MADE! SO IF YOU RECEIVE SOMETHING FROM ME ABOUT A VIDEO OR A STRANGE INBOX MESSAGE, IT'S NOT ME! copy this in your wall. It is for the security of YOUR OWN IMAGE!!! And REPORT IT!!!!! ALSO IF U ARE ASKED TO VOTE ON A PICTURE. DO NOT GO & VOTE: IT'S A HACKER!! POST THIS TO YOUR WALL FOR YOUR FRIENDS

~~~~~WARNING~~~~HACKER ALERT~~~~~~~~

DISCLAIMER: Hackers are busy on Facebook!!! They post some insulting messages on the wall of your friends with your regards, without you knowing about it. If you receive one of those messages in my name, it wasn't me posting them. Put this on your wall and warn your friends. Share the news!!!

Unfortunately, versions of all these messages were still circulating vigorously across the network when the November porn attack occurred. Suddenly, all of these fundamentally flawed and misleading warnings seemed, at least at face value, to be reflecting real events. But the "warnings" implied that the attack was the work of "hackers" or "viruses" that were somehow hijacking Facebook accounts at will. They also implied that the porn messages were spreading without users clicking links or interacting with the messages in any way. These implications are untrue and highly misleading. As noted above, Facebook has blamed a browser vulnerability that was exploited when users were tricked into pasting and executing malicious JavaScript in their address bar.

Thus, these old warnings were inadvertently perpetuating damaging misinformation about the spam attack that served only to cause even more confusion and angst across the network. Why? Because they inaccurately laid the blame on sinister hackers or viruses and made no attempt to identify any genuine or probable reasons for the attack. Because they perpetuated the dangerous myth that the porn was spreading without any user interaction. And, perhaps most importantly, because the warnings gave users no credible or useful advice for dealing with the threat.

The bottom line? All of these silly warnings were circulating long before the porn attack took place, and any relevance that they seemed to have to that attack was coincidental and ultimately illusory.

It could well be argued that Facebook took too long to respond to this porn attack. But, in general, Facebook's users, in my opinion at least, should also take more responsibility for the material they repost.

To be in any way helpful, circulated security warnings really must be clear, accurate and up-to-date, and must contain information that allows users to identify and avoid the specific threat described. Vague and misleading warnings like those shown above help nobody and serve only to sow confusion and muddy Facebook's already troubled waters, especially when, as in this case, events transpire that seem to give such warnings a degree of - albeit totally undeserved - credibility.

Before reposting a security warning across your social network, it is important, therefore, that you carefully check its veracity.



