Debunking email hoaxes and exposing Internet scams since 2003!

Recent Facebook Porn Attack Highlights Dangers of Misleading 'Security' Warnings


Published on 17th November 2011 by Brett M. Christensen

For two or three frantic days in November 2011, many Facebook News Feeds were hit by a wave of pornographic and violent images. Understandably, this caused a great deal of anger and concern across the network, especially since it was at first unclear exactly how the unsavoury material was spreading. Perhaps somewhat belatedly, Facebook took action to curtail the threat and subsequently issued the following statement:

Protecting the people who use Facebook from spam and malicious content is a top priority for us, and we are always working to improve our systems to isolate and remove material that violates our terms. Recently, we experienced a coordinated spam attack that exploited a browser vulnerability. Our efforts have drastically limited the damage caused by this attack, and we are now in the process of investigating to identify those responsible.

During this spam attack users were tricked into pasting and executing malicious javascript in their browser URL bar causing them to unknowingly share this offensive content. Our engineers have been working diligently on this self-XSS vulnerability in the browser. We've built enforcement mechanisms to quickly shut down the malicious Pages and accounts that attempt to exploit it. We have also been putting those affected through educational checkpoints so they know how to protect themselves. We've put in place backend measures to reduce the rate of these attacks and will continue to iterate on our defenses to find new ways to protect people.

This article is not about the spam attack itself - which has been discussed in detail elsewhere - but about how a series of inaccurate and misleading "hacker" and "virus" warnings that circulated on the network well before the attack contributed greatly to the general confusion and, ultimately, just made matters worse. As far back as November 2010, the following "warning" was moving rapidly around Facebook:

FACEBOOK FRIENDS!!! SOME APPS ARE SENDING NOT VERY NICE MESSAGES USING YOUR NAME!!! IF YOU DON'T WANT TO GET INTO TROUBLE WITH YOUR FRIENDS, COPY PASTE AND SHARE THE POST!! IF YOU HAVE RECEIVED ANY FROM ME, BE ASSURED I DIDN'T SEND IT

A series of other "warnings" of a similar ilk have followed in 2011, including those shown below:

HACKERS ARE DOING DAMAGE AGAIN ON FACEBOOK! PORNOGRAPHIC MOVIES ARE BEING POSTED ON OUR BEHALF ON THE WALLS OF OUR PROFILES! WE DO NOT SEE THEM, BUT OTHER PEOPLE DO, AS IF IT WERE OUR PUBLICATION! SOMETIME EVEN OUR SUPPOSED COMMENTS APPEARS. IF YOU SEE SUCH A THING IN MY HOMEPAGE, ALERT ME AND DO NOT OPEN IT BECAUSE IT IS A VIRUS! ...COPY AND RE POST THIS MESSAGE

THE HACKERS ARE PUTTING SEXUAL VIDEOS TO YOUR NAME IN THE WALLS / PROFILES OF YOUR FRIENDS WITHOUT YOU KNOWING IT. YOU DONT SEE IT, BUT OTHER PEOPLE CAN SEE IT, AS IF THESE WERE A PUBLICATION THAT YOU MADE! SO IF YOU RECEIVE SOMETHING FROM ME ABOUT A VIDEO OR A STRANGE INBOX MESSAGE, IT'S NOT ME! copy this in your wall. It is for the security of YOUR OWN IMAGE!!! And REPORT IT!!!!! ALSO IF U ARE ASKED TO VOTE ON A PICTURE. DO NOT GO & VOTE: IT'S A HACKER!! POST THIS TO YOUR WALL FOR YOUR FRIENDS

~~~~~WARNING~~~~HACKER ALERT~~~~~~~~

DISCLAIMER: Hackers are busy on Facebook!!! They post some insulting messages on the wall of your friends with your regards, without you knowing about it. If you receive one of those messages in my name, it wasn't me posting them. Put this on your wall and warn your friends. Share the news!!!

Unfortunately, versions of all these messages were still circulating vigorously across the network when the November porn attack occurred. Suddenly, all of these fundamentally flawed and misleading warnings seemed to be, at least at face value, reflecting real events. However, the "warnings" implied that the attack was the work of "hackers" or "viruses" that were somehow hijacking Facebook accounts at will. They also implied that the porn messages were spreading without users clicking links or interacting with the messages in any way. These implications are untrue and highly misleading. As noted above, Facebook has blamed a browser vulnerability that was exploited when users were tricked into pasting and executing malicious JavaScript in their address bar.
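
The attack Facebook describes only works if text pasted into the address bar is accepted as a "javascript:" URL. The following sketch of a paste filter that refuses such text is an added example, not code from this article, from Facebook or from any browser; the function names and sample strings are constructed for illustration.

```javascript
// Added example: flag and neutralise "javascript:" URLs in pasted address-bar text.
// Function names and sample strings are constructed for illustration.

// URL parsers skip leading control characters and spaces, drop tabs and
// newlines anywhere in the input, and treat the scheme case-insensitively.
// The filter normalises the text the same way before checking the scheme,
// so "  JaVa<TAB>ScRiPt:" is recognised as well as the plain form.
function normaliseForSchemeCheck(text) {
  return text
    .replace(/^[\u0000-\u0020]+/, "") // leading C0 controls and spaces
    .replace(/[\t\n\r]/g, "");        // tabs and newlines inside the text
}

const SCRIPT_SCHEME = /^javascript:/i;

// Returns { isScriptUrl, safeText }. When a script URL is detected, safeText
// is the pasted text with every leading "javascript:" removed, so the rest
// can only be handled as plain text or a search term. Otherwise the pasted
// text is returned unchanged.
function filterPastedAddress(text) {
  let rest = normaliseForSchemeCheck(text);
  let isScriptUrl = false;
  // Loop, because "javascript:javascript:..." must not survive one strip.
  while (SCRIPT_SCHEME.test(rest)) {
    isScriptUrl = true;
    rest = normaliseForSchemeCheck(rest.replace(SCRIPT_SCHEME, ""));
  }
  return { isScriptUrl, safeText: isScriptUrl ? rest : text };
}

// Constructed sample inputs with a harmless body (void(0)).
const samples = [
  "https://www.facebook.com/",
  "javascript tutorial",
  "javascript:void(0)",
  "  JaVa\tScRiPt:void(0)",
  "javascript:javascript:void(0)",
];

for (const s of samples) {
  const r = filterPastedAddress(s);
  console.log(JSON.stringify(s), "->", r.isScriptUrl ? "blocked" : "allowed",
              JSON.stringify(r.safeText));
}
```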

Thus, these old warnings were inadvertently perpetuating damaging misinformation about the spam attack that served only to cause even more confusion and angst across the network. Why? Because they inaccurately laid the blame on sinister hackers or viruses and made no attempt to identify any genuine or probable reasons for the attack. Because they perpetuated the dangerous myth that the porn was spreading without any user interaction. And, perhaps most importantly, because the warnings gave users no credible or useful advice for dealing with the threat.

The bottom line? All of these silly warnings were circulating long before the porn attack took place, and any relevance that they seemed to have to that attack was coincidental and ultimately illusory.

It could well be argued that Facebook took too long to respond to this porn attack. But, in general, Facebook's users, in my opinion at least, should also take more responsibility for the material they repost.

To be in any way helpful, circulated security warnings really must be clear, accurate, up-to-date and contain information that allows users to identify and avoid the specific threat described. Vague and misleading warnings like those shown above help nobody and serve only to sow confusion and muddy Facebook's already troubled waters, especially when, as in this case, events transpire that seem to give such warnings a degree of - albeit totally undeserved - credibility.

Before reposting a security warning across your social network, it is important, therefore, that you carefully check its veracity.



