Issue 121 - December 2011 - Page 13
Recent Facebook Porn Attack Highlights Dangers of Misleading 'Security' Warnings
Published on 17th November 2011 by Brett M. Christensen
For two or three frantic days in November, 2011, many Facebook News Feeds were hit by a wave of pornographic and violent images. Understandably, this caused a great deal of anger and concern across the network. Especially since it was at first unclear exactly how the unsavoury material was spreading. Perhaps somewhat belatedly, Facebook took action
to curtail the threat and subsequently issued the following statement:
Protecting the people who use Facebook from spam and malicious content is a top priority for us, and we are always working to improve our systems to isolate and remove material that violates our terms. Recently, we experienced a coordinated spam attack that exploited a browser vulnerability. Our efforts have drastically limited the damage caused by this attack, and we are now in the process of investigating to identify those responsible.
This article is not about the spam attack itself - which has been discussed in detail elsewhere
- but about how a series of inaccurate and misleading "hacker" and "virus" warnings, that circulated the network well before the attack, contributed greatly to the general confusion, and ultimately, just made matters worse.
As far back as November 2010, the following "warning" was moving rapidly around Facebook:
FACEBOOK FRIENDS!!! SOME APPS ARE SENDING NOT VERY NICE MESSAGES USING YOUR NAME!!! IF YOU DON'T WANT TO GET INTO TROUBLE WITH YOUR FRIENDS, COPY PASTE AND SHARE THE POST!! IF YOU HAVE RECEIVED ANY FROM ME, BE ASSURED I DIDN'T SEND IT
A series of other "warnings" of a similar ilk have followed in 2011, including those shown below:
HACKERS ARE DOING DAMAGE AGAIN ON FACEBOOK!
PORNOGRAPHIC MOVIES ARE BEING POSTED ON OUR BEHALF ON THE WALLS OF OUR PROFILES! WE DO NOT SEE THEM, BUT OTHER PEOPLE DO, AS IF IT WERE OUR PUBLICATION! SOMETIME EVEN OUR SUPPOSED COMMENTS APPEARS. IF YOU SEE SUCH A THING IN MY HOMEPAGE, ALERT ME AND DO NOT OPEN IT BECAUSE IT IS A VIRUS! ...COPY AND RE POST THIS MESSAGE
THE HACKERS ARE PUTTING SEXUAL VIDEOS TO YOUR NAME IN THE WALLS / PROFILES OF YOUR FRIENDS WITHOUT YOU KNOWING IT. YOU DONT SEE IT, BUT OTHER PEOPLE CAN SEE IT, AS IF THESE WERE A PUBLICATION THAT YOU MADE! SO IF YOU RECEIVE SOMETHING FROM ME ABOUT A VIDEO OR A STRANGE INBOX MESSAGE, IT'S NOT ME! copy this in your wall. It is for the security of YOUR OWN IMAGE!!! And REPORT IT!!!!! ALSO IF U ARE ASKED TO VOTE ON A PICTURE. DO NOT GO & VOTE: IT'S A HACKER!! POST THIS TO YOUR WALL FOR YOUR FRIENDS
DISCLAIMER: Hackers are busy on Facebook!!! They post some insulting messages on the wall of your friends with your regards, without you knowing about it. If you receive one of those messages in my name, it wasn't me posting them. Put this on your wall and warn your friends. Share the news!!!
Thus, these old warnings were inadvertently perpetrating damaging misinformation about the spam attack that served only to cause even more confusion and angst across the network. Why? Because, they inaccurately laid the blame on sinister hackers or viruses and made no attempt to identify any genuine or probable reasons for the attack. Because they perpetrated the dangerous myth that the porn was spreading without any user interaction. And, perhaps most importantly, because the warnings gave users no credible or useful advice for dealing with the threat.
The bottom line? All of these silly warnings were circulating long before the porn attack took place and any relevance that they seemed to have to that attack was coincidental and ultimately illusionary.
It could well be argued that Facebook took too long to respond to this porn attack. But, in general, Facebook's users, in my opinion at least, should also take more responsibility for the material they repost.
To be in any way helpful, circulated security warnings really must be clear, accurate, up-to-date and contain information that allows users to identify and avoid the specific threat described. Vague and misleading warnings like those shown above help nobody and serve only to sow confusion and muddy Facebook's already troubled waters. Especially, as in this case, when events transpire that seem to give such warnings a degree of - albeit totally undeserved - credibility.
Before reposting a security warning across your social network, it is important, therefore, that you carefully check its veracity.
Pages in this month's issue:
- Bogus Warning - Scammers Asking for Baby Details to Claim Benefits in Your Children's Names
- False Claim - Cardiff City Football Club Refused to Donate Club Shirt for Fallen Soldier's Coffin
- Summer Chain Email - Blond Hair And Blood Shot Eyes
- Facebook Account Reported Phishing Scam
- Christmas Tree App Virus Hoax
- Sears Supports Reservist Employees Email Forward
- False Claim - Colour Photographs of Hitler Taken by American Life Photographer
- Budweiser Frogs Virus Hoax
- Phone Text Message Lottery Scams
- Skype TopUp Payment PayPal Phishing Scam
- Hoax - Mark Zuckerberg Blames Facebook Porn Attack on the Philippines
- 'DGTFX Virus' Email Account Phishing Scam
- Recent Facebook Porn Attack Highlights Dangers of Misleading 'Security' Warnings
- False - Send Christmas Cards for Recovering Soldiers to Queen Elizabeth Hospital
- Christmas Cards for Recovering American Soldiers
- Starbucks Coffee Free Gift Card Survey Scam
- Facebook 'Virus' Warning - 'Nobody can watch this for more than 15 seconds' Video
- Advance Fee Scam - British National Lottery Promo Programme
- Live Ants In The Brain Hoax
- Hoax - Albany Bread Poisoned by Staff
- PayPal 'Verify to Resolve Account Limitations' Phishing Scam
- Red Bull Car Adverts Money Laundering Scam
- Hoax - Facebook Shutting Down on March 15
- False Warning - Red Dot Inside a Red Square On Chocolate Bars Indicates That Product Contains A Pork Derivative
- IT Service Desk 'Scheduled Maintenance & Upgrade' Phishing Scam
- Abandoned Two Week Old Sydney Baby Prayer Request
- Protest Message - Prison Sentence for Spray Painting Poppy on Mosque
- Protest Message - Dog Named 'Parrot' Shot by Police
- Inaccurate Protest Message - Poundland and Bodyshop Banning Staff From Wearing Poppies
- Apple Store Account Phishing Scam