Facebook has 2 billion users, so it’s more than likely that the majority of your employees use it. However, did you know that Facebook can spread malware?
Malicious links – which appear to be for video files – are now being sent to users by their friends, but these links are highly deceptive. The main aim seems to be to collect login credentials and it doesn’t appear to download any malicious software such as ransomware. So, it may not be the most dangerous piece of malware, but it’s certainly a nuisance and indicates that a major malware attack could easily spread through millions, if not billions of systems.
Social media is an important sector of the business world now, so we’re going to take a look at exactly what’s happened in Facebook messenger and the best practices to avoid falling victim.
Click This Link…
The malicious messages arrive in users’ inbox and start with the user’s first name and simply say ‘video’ followed by a link which uses either a bit.ly or t.cn address. The link will then take the user to a Google Docs document which mimics a landing page and appears to house a playable video.
What’s interesting about clicking the video in question is that the destination it takes the user to is dependent on their web browser. Chrome users are taken to a fake YouTube page which downloads a malicious Chrome extension and Firefox users are redirected to a page requesting a download of malware disguised as a Flash player install. The malware delivered to Firefox users appears to consist of adware, so this indicates a financial motive, but the Chrome extension’s objective isn’t entirely clear.
Although there doesn’t appear to be any major damage caused by this malware campaign, it’s still considered a massive threat as it’s believed the malicious links are being spread by hijacked accounts. And this ensures that more and more spam is spread across Facebook and more login credentials are harvested along the way.
Avoiding Facebook Malware
While email still packs a major punch in the world of malware, hacking messenger software is a natural progression due to its shift in popularity for communicating. And the Facebook Messenger malware demonstrates that there’s a possibility it could evolve into something much more dangerous. Therefore, it’s important that you take the following precautions to protect your organization’s networks:
- Social media – on a personal level – access should be restricted, if not entirely banned, as it’s considered a huge distraction to workers. And, with this latest malware campaign, it would appear that it will soon become a popular access point for hackers to exploit – in fact, this isn’t the first Facebook hack to make headlines.
- Employees need to be educated about the danger of clicking random links even if they’re sent by close friends. It only takes one click of a link for a hacker to gain access to every PC on your network, so this danger needs to be emphasized to all employees as part of their IT induction.
- The importance of good password security should regularly be communicated to your staff. Facebook, for example, contains a vast amount of personal information such as where users works and, coupled with stolen login credentials, this could give hackers a head start on infiltrating your organizations network; this risk is magnified if passwords are not personalized for different applications.
For more ways to secure and optimize your business technology, contact your local IT professionals.
