Issue 141 - October 2012 (2nd Edition) - Page 3
Dubious Facebook 'Security Alert' - Obama Nation Hackers
"Security alert" circulating rapidly on Facebook warns users that "Obama Nation hackers" are taking control of people's accounts by tricking them into clicking Romney requests for profile information or responding to security check requests.
The message is simply too vague to be of any real value as a security warning. There are currently no credible reports about a "hacker" attack involving an Obama Nation group or bogus Romney profile requests. The second part of the "alert" may be a garbled reference to an ongoing phishing tactic in which scammers send bogus messages purporting to be from Facebook Security. Passing on vague and potentially misleading "security alerts" will do nothing whatsoever to help keep people safe online and will only serve to clutter social networks with even more useless information.
Last updated: October 12, 2012
First published: October 12, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer
Security alert : OBAMA NATION hackers are asking you to click on a ROMNEY request for your profile etc ... a large number of our friends accounts have been hacked and blocked , do not respond to their messages for "security" checks .. both requests are hackers : pass it on to your groups and friends : recheck your privacy settings :
According to yet another dubious "security alert" that is currently
gaining momentum on Facebook, users should avoid clicking links couched as requests for profile information from Mitt Romney. The messages suggest that these requests are the work of "Obama Nation hackers" who can use the replies to hack and block user accounts. The message claims that large numbers of people have already had their accounts compromised in this manner. A second part of the message further warns users not to respond to "security check" messages because they are also sent by hackers.
Alas, like many others of its ilk, this message is simply too vague and confused to have any genuine merit as a security warning. There are no credible security reports about a current phishing or malware attack that uses fake profile requests purporting to be from Mitt Romney. Moreover, the message provides no details about how this supposed "hacker" tactic actually works. Do the links in these alleged hacker messages open a phishing website that tries to trick users into divulging account login information? Or do the links lead to a site that harbours information-stealing malware that can be installed on the victim's computer? How are the supposed scam messages actually worded? The "alert" does not bother to include any of these important details, nor does it reference any source where users can find more information about the supposed threat.
Rather confusingly, the latter part of the message
apparently attempts to describe a second aspect of the "hacker" attack in which people receive bogus "security check" messages. The wording of the alert suggests that such messages may come from the accounts hijacked in the initial "Romney" profile request attacks. Again, the warning message provides no detailed information about how this "security check" attack actually works.
In fact, the "security check" part of the warning may be a garbled reference to a long running criminal tactic
by which Facebook users are tricked into divulging their account login details in response to messages that falsely claim to come from "Facebook Security". These bogus Facebook security messages
are often sent out via accounts that have already been hijacked in earlier incarnations of the same type of phishing scam. But, in its current form the above "security alert" is just too confused and lacking in detail to be an effective warning about these Facebook Security phishing scams.
The message finishes by advising people to check their privacy settings. But, it gives no information whatsoever about which settings people should check or how changing privacy settings could help them avoid becoming victims of phishing or malware attacks. Again, the information in the alert is vague to the point of uselessness.
Of course, the underlying generic advice in the message - be cautious of clicking links in unsolicited messages and beware of "security" messages asking you to verify account information - is worth heeding. And scammers often use the promise of news or gossip about current events such as elections and key players such as Obama and Romney as the bait to entice people to click their links. Nevertheless, to have any real validity, computer security alerts must contain accurate, up-to-date information about the perceived threat and provide enough details so that recipients can recognize and avoid the attack described. Vague and garbled security alerts - even those with a underlying grain of truth - are likely to confuse and mislead users and will do nothing to help increase their online safety.
Alert From Facebook Security Team Phishing Scam
Facebook Account Reported Phishing Scam
Pages in this issue:
- ADP 'Transaction Reports' Malware Email
- Facebook 'Virus' Warning Message - Album 92
- Dubious Facebook 'Security Alert' - Obama Nation Hackers
- Johnny Depp is NOT Dead
- Social Media Rumours Falsely Claim Fidel Castro is Dead
- Justin Bieber Stolen Laptop and Camera - Sex Tape Rumours
- 'Interested in Using Your Photo for Pepsi Ad' - Money Laundering Scam
- Hoax - Obama's Cook County Correctional Center
- NatWest 'Customer Satisfaction Survey' Phishing Scam
- Facebook Survey Scam - 'Drunk 17 Year Old Caught on Tape'
- Facebook's Promoted Posts Program for Users Causing Confusion
- 'Little Dead Girl Clarissa' Warning - Nasty and Violent Internet Chain Letter
- Hoax Warning Message - 'National Kill A Pit Bull Day'
- Yorkshire Building Society - Egg Account Transfer Phishing Scam
- Skype 'Password Successfully Changed' Scam Email
- Michael Vick Did NOT Break His Legs in a Car Accident