Facebook Group of 1.5 million Hacked and Spammed

First of all, let me say that I like Facebook and have an account.  In my opinion it is far superiorfb-icon1 to it’s competition for many reasons – but, just like any other publicly accessible Internet portal, it has its vulnerabilities.

A recent article on Internet News details the hacking and spamming of a popular Facebook Group that seeks to rollback their layout changes made in July of 08. The hackers were able gain access to the group and place ads for bogus money-making schemes and probably promises of porn.  Facebook analysts learned that a third-party provider was involved in distributing the spam. For more on the attack, see the article on Internet News.

So what to do to avoid this sort of attack on your social networking page?

Here are a few tips and pointers to keep your site your own and hopefully avoid any embarrassing intrusions.

  1. Always make sure the URL (the stuff in the address bar at the top of the screen where the website address is typed – i.e., www.jerodschaefer.com) is actually pointing to the site at which you are attempting to login.  Hackers will often mimic pages in an attempt to get your login credentials. If you attempt to login and cannot, return to the home page of the site (i.e. facebook.com) and attempt to login again. If you successfully login, change your password immediately and notify the site owners of the possible problem.  If  you can’t login, contact the help center of the site immediately because your page has probably been compromised.
  2. Usernames and passwords.  No matter how many times I tell people this it never seems to penetrate… Use a different password for each site you to which you have a login. If you always use the same username/password combination there is no easier way for a hacker and/or identify thief to steal your identity than to get your login credentials. Think about it – if your login info is discovered the hacker has only to do a little research to rob you blind.  For more on password security, see my page on the subject.
  3. Keep your login info private. As obvious as this is, many people don’t follow this simple rule about security. Your page/profile is only secure if you don’t share your login information.  If the NEED to give out that information arises, make sure you change your credentials as soon as the need has passed. Your friends might think sending crude jokes or insulting remarks in your name is funny, but the people who receive them probably won’t.
  4. Be careful what you post. This is a good idea no matter the situation. Your online profile can harm or hurt you – so if you don’t want your mom or employer to see it – don’t post it.  Bad decisions captured on film spread pretty quickly via the web – look at the trouble Michael Phelps has gotten himself into when a picture of him smoking a bong surfaced on the Internet. Once it’s out there, it’s impossible to retract – even if it wasn’t true.
  5. Keep virus & malware programs up to date. Again, another “duh.” Nonetheless, it bears repeating that a good virus scan and Malware protection program goes a long way to helping you stay secure online. Keyloggers that track your every move run rampant and can easily steal your login information.

I am sure that this will not be the last occurence of such security breaches but as with most things, a little common sense goes a long way. The Internet and social networking sites will continue to grow in popularity and develop more and more secure methods of keeping your information yours – and the hackers will continue to overcome those methods.  I guess the only sure way to avoid these kinds of issues is not to use Facebook and the like – but that’s not very likely going to happen.

Thanks for reading and God speed!

Leave a Reply