Facebook and Twitter users: Hackers are now using your friends' accounts to transmit viruses

 “Hey, I have this hilarious video of you dancing. Your face is so red. You should check it out!”

If you've received a message like that through a Facebook or MySpace friend, you may have been exposed to the "Koobface" virus. Here’s what’s going on…

Hackers have now made a cozy new home for themselves on social media sites such as Facebook and Twitter. Disguised as one of your friends, they’ll send you a direct message with a video link attached. If you click on the link, you’re prompted to update your Flash player to see the video, and therein lies the virus – cloaked in a "flash_player.exe" file. Once installed, this  worm transforms your computer into a Zombie machine as part of a botnet (a network of computers that are controlled and used by the originator of the worm for unscrupulous purposes).

Are You Really At Risk?    

Unless you are aware of these scams, it is very easy to become infected. Some of the direct messages and tweets have titles that are very deceptive. Some of the more common messages will say, “Here’s the video I mentioned…", or "LOL," or "My friend caught you on hidden cam," or "My home video :)”. These messages are followed by a link directing you to a page to watch the video. These seemingly harmless messages can quickly infect your entire office network, allowing hackers a free pass in.

In addition, they can block you from accessing important security updates, making your network even more susceptible to hacker attacks. In some cases, they use their free access to your computer to steal bank account information, credit card numbers, social security numbers and other confidential data.

How To Protect Yourself     

Awareness is the first step to protecting yourself. Make a copy of this article and hand it out to all your coworkers, friends and family so they don’t get infected or infect you. Next, follow these three simple steps:

  1. Frequently Change Your Password And Don’t Use Easy-To-Guess Combinations. I know, it’s a pain in the neck to change your password frequently, especially when you have dozens to keep track of. But this really is one of the best ways to avoid compromising your account on social media sites. Additionally, don’t use simple passwords like “password” or “123abc.” Include lower case and capital letters, as well as numbers. If a hacker is trying to crack your password and you never change it (or if it’s super easy to guess), you make your account a prime target.
  2. Avoid Downloads. Avoid downloading anything from messages on Twitter or Facebook, even if the message is from someone you know. As a general rule, never download any file if you are not 100% certain it is secure and virus free.
  3. Get A Beefy Firewall. If you or your employees are using any social media sites for personal or business connections, a strong firewall will protect you from getting infected. That way, even if you or your staff inadvertently opens a dangerous message from one of these sites, your firewall can prevent it from bringing your whole network to a grinding halt.
Walter Ely is President/COO of System Care Inc. in Westlake.
Read More on Business & Finance
Volume 2, Issue 4, Posted 1:23 PM, 02.19.2010