Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2010-12-07 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

You got a sec?

Published: 2010-12-07
Last Updated: 2010-12-07 17:02:40 UTC
by Kevin Shortt (Version: 1)
8 comment(s)

Have you ever been asked if "You got a sec?" by a friend via Facebook chat?

Well, one of our readers wrote in asking if we've seen this before.   The scenario described to us is such:

  • A Facebook chat pops up from a friend with:
    "Hey [your name] you got a second?"
  • If / when you reply, immediately a message returns similar to
    "I can't score higher than 600 on the quiz, do you think you can? [link provided]"
  • If you click...

Although, I have not personally experienced this type of incident, it smells of spam and or an app from the dark side.  It is important to understand this could be any number of things.  If you experience an incident like this, then do not click and a good approach would be to run Ad-Aware or similar scan on your system and review your Facebook application lists for anything suspicious. In addition, BitDefender has a service in BETA called safego which works as an app on Facebook with your profile and Norton Safe Web is free service that rates websites.

So if you've seen this before, then please share it with the rest of us with a comment.

Update

Read more about safego and protecting your Facebook activity on fellow handler Lenny Zeltzer's blog.

blog.zeltser.com/post/2132741436/facebook-antivirus-protection

--
Kevin Shortt
ISC Handler on Duty

Keywords: Facebook
8 comment(s)
Diary Archives