On a fair new day, you may get this message in Facebook: "You look funny in this new video" or "You look awesome in this new video". See the screenshot.
[Thanks to CNET News for this image]
If you get this message, be prompt to delete it. Keep your virus detector enabled all the time. This message is prompted by a virus called the Koobface worm (Net-Worm.Win32.Koobface.a. and Net-Worm.Win32.Koobface.b). [Read More at Kaspersky Lab].
If you click the message and go to the link given, it prompts you to update the Adobe Flash player to the latest version, even if you already have it in your system. If you allow the download, what actually gets downloaded is a variant of the Koobface virus that will hack into your Facebook account and continue to send messages to your unsuspecting friends.
Koobface had hit MySpace users during the August and had done lot of damage. Now it has come really hard on my choice of social networking site.
The message gets propagated from affected systems and Facebook accounts. It means, whoever sent you the message is affected. If it's a friend of yours, then quickly let him know about it.
In fact, I almost believe this virus was there affecting GMail users far back. I used to get messages with titles like "You look awesome/funny in this video" in my GMail inbox. Good that they were all filtered out by the wonderful spam detector of GMail. Maybe, you also have such stories to tell.
What Koobface does is even deeper and more bizarre. It actually tries to get hold of your sensitive personal information like your identity or credit card and other financial data. I needn't stress the effects.
Tips to Stay Safe
Here are some tips for you to fight online virus and spam attacks. A more detailed post on which security threats you should be careful about will be posted in the future.
- Do not open any message from unknown people.
- Even if you open messages from your friends, do not open any attachments unless you absolutely trust them.
- Always keep your antivirus, antispam, and firewall software ready and do not open the attachment without scanning.
- Do always look at the address bar of the browser to see which website you are going.
- Do not click links to websites, which seem to be impersonating legitimate ones (a practice called Phishing). Check the address bar to see which is the actual website.
- Do not download any software from any unknown websites. Better still: Do not download anything without recommendation from trusted reviewers like CNET Download or SoftPedia.
- If any website asks you for your sensitive login details (such as bank account login, PayPal login, etc.) do not give them.
- Don't click any link you get in email that asks for username and password. If you suspect that it is legitimate request, check the browser address bar to see the actual website URL before proceeding.
- If you suspect your system is in attack, do a full scan of the system with antivirus software.
- If you suspect that your Facebook/MySpace account may be hacked into, confirm it by enquiring your friends if they receive any unusual message from you.
- Periodically change the password of all your accounts and set hard ones.
- Do not keep the same password for more than one service. Not even similar.
- If you think any of your friends is in attack, alert him immediately.
It is up to you to keep your Facebook/MySpace accounts secured. Be very diligent and pro-active about it. Don't risk your security.
Remove Koobface Virus Manually
Why Do You Need an Antispam?
McColo Corporation: The Largest Internet Spammer Fell Down
Copyright © Lenin Nair 2008