How Mother’s Day Facebook celebrations can lead to identity theft

Mother and babyA couple of weeks ago I explained why you shouldn’t reveal your Royal Wedding guest name. Now I have to warn you that celebrating Mother’s Day can lead to you giving away too much personal information about your children.

Here’s a message which has been passed around on Facebook for a few days:

In honor of Mother's Day...If you are a proud mother re post with the name, birth date, & birth weight of your child/children!

Mother's Day post on Facebook

See what they’ve done? They’ve told me the name of their children and their precise date of birth. And I’m not even friends with them, they’ve left their profiles open for the entire world to see because they haven’t followed best practice guidelines for Facebook privacy settings.

And – don’t forget – when you share a piece of information with everyone on Facebook, that actually means the entire internet for ever. This information by itself may not be enough to commit identity theft against your child, but it’s a stepping stone for fraudsters which can help them.

You shouldn’t post this kind of personal information onto the internet – tell people you love your children and are proud of them without revealing their full names or dates of birth.

If you use Facebook and want to learn more about threats, you should join the Sophos Facebook page where we have a thriving community of over 80,000 people.

Hours spent on Twitter? Don’t click on scam spreading virally on Twitter

Another rogue application is spreading between unsuspecting Twitter users, claiming to tell you how many hours you have spent on on the network.

The messages all look pretty similar, and use a currently trending topic such as Richard Dawkins, Cheryl Cole landing the job of a judge on the US edition of “X Factor”, or it being Mother’s Day in the United States.

Twitter scam

Richard Dawkins --> I have spent: 23.8 hours on Twitter! See how much you have: [LINK]

#zabecca --> I have spent: 20.9 hours on Twitter! See how much you have: [LINK]

Vidal Sassoon --> I have spent: 33.4 hours on Twitter! See how much you have: [LINK]

#5factsaboutmymom --> I have spent: 33.4 hours on Twitter! See how much you have: [LINK]

Even though you may have seen one of your friends tweet out a message like this, you definitely shouldn’t click on the link. It will take you to a rogue third-party application which asks your permission to connect with your Twitter profile.

Twitter scam

If you do authorise the app it will be able to post messages to Twitter in your name, see who you follow on Twitter, grab your Twitter name and avatar, and update your profile. Now, why on earth would you want to give a complete stranger the ability to do that?

Unfortunately, you may be so desperate to find out how many hours they have spent on Twitter (after all, your friends appear to have already been though the process) that you will authorise the application.

Whereupon, the rogue application will tweet the offending message from your Twitter account. When I went through the process on a test Twitter account I run, I found that it tweeted out the message more than a dozen times in less than 30 seconds.

Twitter scam

You may not realise that this is happening, however, as the app is distracting you with a message saying it is processing your results. After some whirring away, it asks you to enter your email address to have your results sent to you.

Twitter scam

Stop right there! (if you haven’t already). Are you seriously going to give these complete strangers access to your email address too? They already know your Twitter account name, and can post to your Twitter page – now they’ll be able to email you as well!

Who knows what they might send you? Their plan might be to send you spam, a Trojan horse, or a phishing attack. They even have the cheek to say watch out for the message in your spam folder!

Twitter scam

I don’t know what the scammers plan to spam out to you, and it could – of course – be weeks or months before they do, but if you want to find out more follow me on Twitter at @gcluley.

These sorts of rogue applications appear to be popping up more and more on Twitter, whereas previously they were mostly seen only by Facebook users.

If you were unfortunate enough to grant a rogue applications access to your Twitter account, revoke its rights immediately by going to the Twitter website and visiting Settings/Connections and revoking the offending app’s rights.

Don’t make it easy for scammers to make money in this way, and always exercise caution about which third party apps you allow to connect with your social networking accounts.

If you’re on Twitter and want to learn more about threats, be sure to follow Naked Security’s team of writers.

Mother’s Day search terms lead to Mac rogue security software

Mac fake anti-virus JSWatch out folks! Our researchers at SophosLabs Canada alerted me this afternoon to the world’s first JavaScript fake scanner trying to convince Mac users that their computers are infected by a virus.

This step is extra important on OS X as users will have to install the malware and enter in their administrative credentials for the privilege of infecting themselves.

Even worse, the attackers are poisoning search terms and images related to Mother’s Day. Simply searching Google for seemingly innocent content to honor your mum could end up with a malware infection.

Fortunately you don’t have to infect your own Mac to find out what the experience is like. We made this video so you can see it in action from the safety of whatever device you prefer to surf the internet from. Watch and enjoy:


Mac users who happen upon a poisoned search result it will pop up a fake anti-virus scanner written in JavaScript that looks just like the OS X Finder application.

OS X fake anti-virus JavaScript popup

Windows users aren’t left out… They get their own fake popup, which we have seen all too often.

Windows fake anti-virus JavaScript popup

Early this week I wrote that we were seeing Mac fake anti-virus software spreading in the wild in greater numbers than before. I also noted that the fake scanner used as a part of the social engineering to trick you into installing it looks like Windows XP.

I hope they weren’t listening.

The criminals behind these attacks seem to be using Google’s search auto-complete technology to determine the most popular search terms to poison.

Google search for Mother's Day poems for kidsYou can see Google automatic suggestions in the screenshot at right. We chose “Mothers day poems for kids” from the list and sure enough, some of the results lead to infections.

Sophos Anti-Virus for Mac Home Edition is free, so why not protect your Mac?

Mac fake anti-virus attack gets dirty to ensnare victims

The latest variants of the new Mac malware we have been tracking has an interesting payload that many people may not have realised yet.

It’s well documented that the fake anti-virus attacks attempt to trick you into believing that you have security problems on your Mac, and that you need to hand over your credit card details to buy a version which will clean-up your computer.

However, when we left an infected Mac running for a while unattended earlier today in our labs, we found that it would periodically open instances of the web browser and point them to various websites.

Saucy website

As you can see, the website isn’t necessarily the kind that you might want regularly popping up on your screen – especially if you don’t have an understanding wife or boss.

A quick look inside the code of the attacks, which Sophos is detecting as OSX/FakeAV-A, reveals a list of possible websites that you may find your computer visiting without your permission:

List of saucy website URLs hidden inside fake anti-virus

My guess is that the malware attackers are doing this as a further incentive for you to purchase the so-called “fix”. It’s just another clever piece of social engineering which might make you rush into handing over your credit cards, in the belief that your Mac has been compromised.

Don’t forget, the bad guys will use every dirty trick in the book to get their hands on your money.

Sophos customers should be protected, but if you have a Mac at home and want to defend yourself you can download our free anti-virus. It’s automatically updated to protect against the latest threats.

DownloadFree Anti-Virus for Mac
Download Sophos Anti-Virus for Mac Home Edition