19. (02) Rogue Application
If you're one of the millions of teenybopper fans of Justin Bieber, then you may
be tempted into clicking onto the link to find out more…
21. Are you looking for this software called “007 Facebook hack
v1.0″ also known as “James bond’s Facebook hack” that can
hack your friends Facebook password in minutes?
Facebook Hacking Software
25. (03) Facebook Gold Member Account
The latest hoaxing craze circulating Facebook is groups and fan
pages claiming to Facebook offering free or limited time upgrades
to a supposed Gold account. There is no Facebook Gold Account.
28. 28
(06) “Koobface” spreading through FB Message
Koobface is a computer worm that targets Facebook and other social networking
websites. It spreads on Facebook by posting spammy messages on behalf of
people.
32. 32
if you happen see a message like the following posted on your
wall by one of your Facebook friend’s, don’t click on the link.
(09) JavaScriptJacking Scam
33. 33
JAVA Script of “Revolving Images” Spam
Copy the Script and Paste it in the address bar (where you enter the website
address) and Hit Enter. This piece of code pulls off all the images from your web
page and rotates them in a circle. If you look carefully in the above code, its
rotating the HTML “img” tag.
Facebook is one of the phenomena now a days especially for youth. While we are having fun online through Facebook, we should also think about our security.
Today will we share with you the ways on how cyber criminal can sneak in or knowing our personal information through Facebook. Participants should remember this is more focusing on our personal Facebook account.
Activity:
All participant should have their own Facebook account
If they don’t have any, need to give them time to sign up with Facebook to make them familiar and go through each setting in the Facebook itself.
As usual, this the interface of Facebook.
It consist of Login and Sign up area……..
For those who already be a member….please login to your account
For those who haven’t got one, please sign up……..
To sign up, please use valid email address or maybe you can create your new email id just for this purpose and it may use for your knowledge sharing session in the future
This is the privacy policy statement from Facebook.
The policy statement will be reviewed periodically and latest update on 23rd Sept 2011.
We should read the policy statement so that we know how Facebook share the information and other things. It covers:
Information we receive and how it is used
Sharing and finding you on Facebook
Sharing with other websites and applications
How advertising works
Minor and safety
Some other thing you need to know
Activity:
Make them familiar with the policy statement
2. Participants need to explore the policy statement with in 3-5 minutes
Facebook Terms of Service - consist of statement of rights and responsibilities
Statement Rights and Responsibilities - This Statement of Rights and Responsibilities (Statement) derives from the Facebook Principles, and governs our relationship with users and others who interact with Facebook. By using or accessing Facebook, you agree to this Statement.
One thing have to stress on, Facebook not allow any user under 13 years old to sign up with them
Activity:
Make them familiar with the terms of service
2. Participants need to explore the Terms of Service with in 3-5 minutes
Facebook Terms of Service - consist of statement of rights and responsibilities
Statement Rights and Responsibilities - This Statement of Rights and Responsibilities (Statement) derives from the Facebook Principles, and governs our relationship with users and others who interact with Facebook. By using or accessing Facebook, you agree to this Statement.
One thing have to stress on, Facebook not allow any user under 13 years old to sign up with them
Activity:
Make them familiar with the terms of service
2. Participants need to explore the Terms of Service with in 3-5 minutes
Facebook Privacy Setting
This is the previous privacy setting before Facebook change the look of the privacy setting.
If you/Facebook user didn’t change the setting, it will show exactly like the slide. This means your profile is open to public where every Facebook user can find and open your profile, information in the Facebook and also can explore your pic.
Recommended that user need to change their privacy setting at least once and make it to “Only Friends” setting.
Activity:
Participants need to login to their Facebook account
Participants need to go and explore the Privacy Setting
This is the new interface for the Facebook Privacy Setting.
Much more simple and easy to read and understand. Each of the option have the explanation for it and this is easy for the Facebok user to know and understand what is all about for each option.
These two option; Control Privacy When You Post and Control Your Default Privacy, basically you can control whose going to read you post and who can view your profile.
We may explore more on the next slide.
Activity:
Participants need to login to their Facebook account
Participants need to go and explore the Privacy Setting
This is another additional option for Facebook Privacy Setting
How You Connect – control how you connect with people you know
How Tags Work – control what happens when friends tag you or your content
App and Website – control what gets shared with apps, games and websites
Limit the Audience for Past posts – Limit the audience for posts you shared with more than friends
Block People and Apps – manage the people and apps you’ve blocked
Activity:
Participants need to login to their Facebook account
Participants need to go and explore the Privacy Setting
Some stuff about Facebook that we can get from the internet
It shows the funny thing about status update, comment, chatting etc. mostly from Facebook page.
You can find it from:
Lamebook : www.lamebook.com (The Original - Funny Facebook Statuses, Fails, LOLs and More)
Failbook : www.failbook.failblog.org (Funny Facebook Status Messages)
Sample one of the chatting and picture that being posted in the lamebook site
In a cyber world, as a internet user we also need to know the way on how teenagers communicate among them…..
This slide consist of 2 story:
Juliana – this is the sample of typo error which is the word anal on the status is supposedly written as Anna
Jess – updated his status saying that he just answer “ACDC” down to the whole page……and he’s got 87% for that test
This is two sample that we took from the site, there’s a lot of screen capture you can refer
and make it as a sample in your presentation
This is the story regarding Kyle Doyle which found absent on 21st August.
HR request for medical certificate as a proof for the leave.
Kyle argument, in the contract stated that employee are allowed to take one day leave without any proof due to any reason.
HR did mention that, due to report that has been made by his boss, his leave is not due for medical reason and HR cannot process the leave. Kyle hold on his stand and ask HR to process the leave accordingly.
Finally HR came out with this screen capture where he/she get from Kyle’s Facebbok page.
This is what HR can do now a days……that is why we have to really be carefull whenever we wan to post something on our Facebook page.
Anything posted on the internet will remain forever…..this include comments, picture and our personal information.
Do remember, we can deny everything but, everybody eg: friends, cousin, colleague and other family members, they can update, tag and do post something about us on the internet.
This is another sample from our local tabloid………..Harian Metro.
Where the wife run away to be with her ex boyfriend.
This was happened after they meet each other in Facebook and finally the lady ran away with her ex. The wife also took her kids together and as for a divorce.
Another quote from the local tabloids about the savage Facebook.A boarding school student accused to hack his friend Facebook account. As a result, the student was beaten and received a treatment at the hospital due to injuries on his eyes and forehead.
Another news from the tabloids……
Fraud that happened in the cyber world………now a days they are going to use social media as one of the platform to get a thousand of ringgit.
Do remember, this is one of the way how they can get the money. So as a Facebook user, we have to aware of this and make sure that we are not in the statistic of a fraud or cyber criminal victims.
This is an application that we can install in our laptop and smart phone.
This apps called PREY. Prey lets you keep track of your phone or laptop at all times, and will help you find it if it ever gets lost or stolen. It's lightweight, open source software, and free for anyone to use. And it just works.
It runs in Windows, Android, Linux, Ubuntu and Mac OS and iOS
More info : http://preyproject.com/
Protect your Mac with Hidden
When your Mac is lost or stolen, Hidden will show you where it is and who has it.
Hidden will kick into action and locate it anywhere, collect photos of the thief and screen shots of the computer in use.
More info: http://hiddenapp.com/
What does Hidden do?
Hidden is a small application which sits idle on your computer until you need it. When your computer gets stolen simply login to your online Tracking Control Panel and mark your computer as stolen. Hidden will kick into action and locate your stolen computer anywhere on the planet, collect photos of the thief and screen shots of the computer in use.
Justin Bieber trying to flirt links are the latest bait being used to entice his fans to download a rogue Facebook application.By clicking a tiny.cc link next to a post which reads: "OMG Justin Bieber trying to flirt, check it out" directs memers to an application called Bieberflirting. This application asks permission to access your basic information as well as post to your Facebook wall and access your data at any time before you can carry on to watch Justin Bieber's flirting attempts.
This is the sample of the interface when you click the tiny.cc link
Are you looking for this software called “007 facebook hack v1.0″ also known as “James bond’s facebook hack” that can hack your friends facebook password in minutes? According to this software, you just need to fill in your friend’s profile id and the email id he has used on his facebook profile. Once you feed these two things in the dedicated feild, it will automatically reveal the password of your friend.First let me ask you something, Are you sure that you can cheat facebook’s login using this software? Are you so confident that this software called 007 facebook hack v1.0 will hack any facebook password within minutes?
Read more: http://www.hacker9.com/hacking-fb-accounts-using-007-facebook-hack-v1-0-the-truth.html#ixzz1hz8UJYIK
Do not install F’acebook Antivirus. It is a deceptive rogue application that, as soon as you install it, will tag every single one of your friends in a photo in batches of about 20. It then posts that photo to your wall.
This little scam is brand new and hopefully will be deleted quickly by Facebook, but we can certainly help slow down the spread of it while we wait.
Apart from the wall spamming, another obvious indication that this is a fake application itself, is the url: http://apps.facebook.com/kxetyegpgkxdwfy/
A valid application is not going to have a URL with a bunch of jumbled letters at the end.
Keylogging (keylogger) is the simplest and the most effective way of hacking Facebook passwords. Anyone with basic knowledge of computer can install and use it easily. This method yields the best outcome when you have physical access to your victims PC. Basically keyloggers are used to capture the keyboard strokes entered by any person. So the fact that, it can capture keyboard strokes, it can also capture or record usernames and passwords entered by a person. There are 2 types of keyloggers, hardware and software.
#1. Software Keylogger
Software keylogger is a program that records each & every keystroke that a user types on his/her keyboard. Once you install this program on the target computer, it will automatically load from the start-up and start capturing every keystroke typed on that computer including usernames and passwords. A keylogger software runs in a complete stealth mode and thus remains undetected.
In order to use keylogger software, you don’t need to have any special knowledge of hacking. Anyone with a basic knowledge of computer, will be able to install and use this software easily
Read more: http://www.hacker9.com/how-facebook-hacking-carried-out-password-methods.html#ixzz1i00hLp9u
#2. Hardware Keylogger
Just like Software Keyloggers Hardware keyloggers also captures keyboard keystrokes but requires Physical access to victims PC. A Hardware keylogger is a small hardware just like USB pen-drive with internal memory. These are available in 2 types: PS2 and USB.
Recommended: Keycobra – Best Hardware keyloggers
PS2 keylogger is plugged inline between a computer keyboard and a computer. They log all keyboard activity to their internal memory. Whereas USB keylogger is just a USB Stick that can capture everything a user does on the System
Read more: http://www.hacker9.com/how-facebook-hacking-carried-out-password-methods.html#ixzz1i017Kubc
There is no such thing as a Facebook Gold Account. All messages and groups that claim to provide instructions for upgrading to a Facebook Gold account are bogus and in no way officially endorsed by Facebook management.
Thus, Facebook users should ignore any invitations that claim they can upgrade to a Facebook Gold account. Do not join any Facebook Gold groups or install any apps that supposedly upgrade your account to Facebook Gold. Once again, there is no such thing as a Facebook Gold account and any messages or groups that claim you can get such an account are entirely fraudulent.
Facebook user, if you come across any Post on Facebook that says “GET A FREE facebook T-SHIRT”, please ignore it. This is not a like jacking type of SPAM, but the Pure and Simple social engineering example to capture user data. The Scammers have created an external web page, whose look and feel closely matches with facebook’s user interface.
Though looking at that page you can easily make out that its a scam, Still Some people will get tempted and will Register their email and home address there.
Read more: http://www.hacker9.com/get-a-free-facebook-t-shirt-new-facebook-scam.html#ixzz1i03twzr0
Another new scam that appeals to both our egos and instinct for voyeurism is spreading like wildfire on Facebook.
An app going by various names, including ProfileSpy and Pro Check, claims it will offer insight into how many people have viewed your Facebook profile if you fill out a short survey and grant the app permission to access your information.
The scam has been making its way around the social network via status updates, which include a link to the suspicious service and text that reads, "My total facebook views are: 1245 Find out your total profile views."
Koobface - Koobface is a computer worm that targets Facebook and other social networking websites. It spreads on Facebook by posting spam messages on behalf of people.
These messages contain a link, which will prompt you to download a “HOT” videos or install a newer version of certain application. However, this download actually contains a malicious file that, once opened, uses Facebook account to continue posting this malicious link on your behalf, thus spreading the virus to our Facebook contact.
For more info, you can read it from Facebook Help Center
As a Facebook user, you may ask the Facebook Help Center to get more info about Koobface….the search result covers:
This is another sample of Facebook scam, and it’s taking advantage of a non-existent Facebook feature many users crave: the dislike button.
There is no such thing as an official Facebook dislike button. It’s possible that Facebook will implement a similar feature in the future, but right now it simply doesn’t exist.
So, if you see a status update containing the message “I just got the Dislike button, so now I can dislike all of your dumb posts lol!!” or “Get the official DISLIKE button now” followed by a link, you should know that it’s another one of many scams that aim to extract your personal data.
CLICK HERE TO VERIFY - Don't fall for this fake Facebook Security Warning. "Clicking on the link is not advisable. However, this dialog box is requesting permissions for a rogue application - clicking “ALLOW" will permit the app to post the message to your wall as well, spreading the link virally to your Facebook contacts."
This Facebook virus will post itself on your friends walls, with this comment:
“Facebook Deleting all acounts that are not verified before may 6th.So soon Verify your account before it gets deleted )"
When Facebook has an issue with your account, they will post the information at the top of your page. Never click on shared pages like the one above without checking it out first.
Just observe the screenshot above. If you happen to see a message like the following posted on your wall by one of your Facebook friend’s, don’t click on the link.
If you do make the mistake of clicking on the link, you will be redirected to a page that claims you are about to find out who spends excessive time with your photos, reading your old post, etc. They will ask you to run some script on your Facebook Homepage. Once you run the Java Script, the devil will start his work and within minutes it will flood your friends wall and your wall with the same spam. This is typical JavaScriptJacking Scam.
Read more: http://www.hacker9.com/find-your-stalker-new-facebook-scam-javascript.html#ixzz1i0BxoTxj
Facebook spams us by sending Emails a hell lot more than required and then people spam Facebook (and hence you) by making a single click on the mouse to be turned on and create havock. This new spam being named “Revolving images”.
The problem with the script is that not only does it start an irritating image revolving thing it promised (which can be thankfully stopped by refreshing the page) it posts the following message on some of the users’ friends’ walls’
Read more: http://pulkit.me/2010/11/23/newest-facebook-spam-revolving-images/#ixzz1i0Ew3if7
Sample of JAVA Script of “Revolving Images”
Sample of JAVA Script of “Revolving Images”
This another way how cyber criminal can get our information.
Please not to believe this type of scam……
This girl will ask for help to be her accompany while she were on holiday.
In the first place, she will chat or message the user through Facebook and ask for user email address to ease the communication among them……
In the email communication, she will ask about user personal information and this is one of the way how they get our information.
Do remember, never once used our company email id in our email communication when it going to be personal related activity.
This page is intentionally left blank
Facebook did provide us with their privacy policy, term of service and privacy setting which is easy to understand and use to keep us safe while we keep in touch with our new and old friends.
Not only that, Facebook also provide us with their Family Safety Center. We can access it from https://www.facebook.com/safety
Facebook Safety Center
It consist of:
Facebook Safety Page : This is the URL (https://www.facebook.com/fbsafety)
About : to get updates and give feedback on Safety issues.
Description : Nothing is more important to Facebook than the safety of the people that
use it.
Mission : To provide Facebook user with the updates and information to help and
keep the user safe while using Facebook or surfing on the Internet.
Facebook Security Page: The URL is (https://www.facebook.com/security)
About : Like this Page to receive updates about how to protect your information
both on and off Facebook.
Mission : To provide you with the information you need to protect your information
both on and off Facebook.
Facebook also provide a test for Facebook user. The quiz can be accessed at https://www.facebook.com/security?sk=app_152078551499478
Facebook Help Center - http://www.facebook.com/help/?ref=pf
Facebook user may ask their query on Facebook Help Center if they want to know anything pertaining Facebook threat, viruses, scam, spam, account setting, privacy setting, etc…..
By clicking the option given, user easily know how to find the answer or just type in the searching field, Facebook will return with the search result which relates to the query.
On the right hand side, Facebook also provide Facebook Help Feed.
Activity:
5 minutes will be given to the participants to explore the Facebook Help Center
Participants also need to answer the Facebook Security Quiz
Facebook also provide a form to report the deceased person’s profile or they call it as memorializing the account.
URL: http://www.facebook.com/help/contact.php?show_form=deceased
Memorializing the account:It is Facebook policy to memorialize all deceased users' accounts on the site. Memorializing the account set privacy so that only confirmed friends can see the profile (timeline) or locate it in Search. The profile (timeline) will also no longer appear in the Suggestions section of the Home page. Friends and family can leave posts in remembrance. In order to protect the privacy of the deceased user, we cannot provide login information for the account to anyone. However, once the account has been memorialized, it is completely secure and cannot be accessed or altered by anyone.
If user facing a problem like a violation of a policy, account, information and pictures, user may report the violation through Facebook itself.
Open up the Facebook Help Center, and Facebook will guide us how to make a report. Just select the option to report a violation.
Once user click on this link; http://www.facebook.com/report/ it will shows a few options under the Report Abuse or Policy Violations
Activity:
5 minutes will be given to the participants to explore the Facebook – Report Abuse and policy Violation option
If you believe your account has been compromised by another person or a virus, please click the "My Account Is Compromised" button. We'll help you log back into your account so that you can regain control.
URL: http://www.facebook.com/hacked
Maybe there’s a question among Facebook user, “Can we permanently delete our Facebook account”
Basically, Facebook not allowed us to delete our Facebook account. The only thing we can do is DEACTIVATED the account. Unless if you do not think you will use Facebook again and would like your account deleted, keep in mind that you will not be able to reactivate your account or retrieve any of the content or information you have added. If you would like your account permanently deleted with no option for recovery, log in to your account and then submit your request to Facebook.
This is because each one of the Facebook user will give or provide a valuable information about themselves, their family, friends, contact details, email, etc……
One of the application available on Facebook – BitDefender Safego
Online social interaction usually consist of posts on your wall, comments from friends, status updates. But don’t forget that our online social life relies on a crucial ingredient: your friends’ trust in you.
Using in-the-cloud scanning, Bitdefender Safego protects our social network account from all sorts of e-trouble: scams, spam, malware and private data exposure. But, most importantly, Safego keeps our online friends safe and …close.
More info: http://apps.facebook.com/bd-safego/
Another tools that introduce by AVG – Online Link Scanner
URL : http://linkscanner.explabs.com/linkscanner/AVG/default.aspx
If you'd rather be safe than sorry, enter the URL of the site or web page you want to visit in the box and click the scan button. The LinkScanner Online service will visit and inspect the URL in real-time for whether it is hiding any exploit code and, if so, what exploit.
Use LinkScanner Online to inspect:
Links forwarded by friends
Web sites displayed on search results
Any link with suspicious characters or web site you have never visited
Another tools that may protect user account from online threats…….
More Info : https://www.facebook.com/apps/application.php?id=310877173418
Description: Safeguard against malicious URLs by scanning your feed using Norton Safe Web.
Protect your friends by advising them of malicious URLs you might have in your
feed