Solved

Malware and spam posts

Posted on 2012-03-13
8
578 Views
Last Modified: 2013-11-22
1)      When spam posts appear on user’s tweets/facebook posts, which wasn’t them intentionally posting spam, i.e. something/someone’s posted on their behalf  – how has it happened/appeared? Is it malware or something else? How would that malware infect the users account?
2) Is it typically malware has infected on their client first (be that PC or SmartPhone), then got on to their account, or is it just targeting their FB/twitter account, and doesn’t need to infect their Smartphone/PC first?
3) If a SmartPhone malware infected a FB account, can that same malware be evident on a desktop PC? Or aren’t malware the same for both smartphones and PC’s? I.e. if a Smartphone got malware, and that smartphone was attached to a PC – can the PC be infected.
4) If an FB account or Twitter account has been compromised and such spam posts are happening on their
5) What else aside from up to date AV definitions can you do to keep malware off your machine? Are the types of FB malware i.e. if you clicked the spam link going to infect your PC or just Smartphone?
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
8 Comments
 
LVL 9

Accepted Solution

by:
Timothy McCartney earned 500 total points
ID: 37714411
It's likely they were on a network while using facebook insecurely (http instead of https). I highly recommend that they change their password promptly, and go into the security settings of facebook and check the option to ALWAYS use HTTPS.

It's more likely that their account was 'hacked' rather than malware.
0
 
LVL 9

Expert Comment

by:Timothy McCartney
ID: 37714422
Also, you'll want to check which Facebook/Twitter 'apps' have specific rights to post on his/her wall. You can remove the rights of any applications you are unfamiliar with.
0
 
LVL 3

Author Comment

by:pma111
ID: 37714443
Thanks, when you say it was hacked rather than malware?

How would it be hacked? I.e. how come some users get hackd and others dont. As often you see the same tweet / fb update which is blatant spam for many users?

WHat have these users done wrong that others havent.

Will changing passwords do anything?

Will the apps need to be removed from the phones and then readded as I suspct they cache login credentials?
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 3

Author Comment

by:pma111
ID: 37714450
>>It's likely they were on a network while using facebook insecurely (http instead of https). I highly recommend that they change their password promptly, and go into the security settings of facebook and check the option to ALWAYS use HTTPS.


Can you expand on this issue in lymans terms? Are you saying the apps on smartphones typically accses FB.twitter over HTTP?
0
 
LVL 9

Expert Comment

by:Timothy McCartney
ID: 37714457
If you connect and are logged into Facebook/Twitter using http (ie http://facebook.com rather than https://facebook.com) - Hackers have the ability to 'connect' to a user's session without the aid of password/malware, simply because the connection is insecure. Switching to HTTPS and changing your password is a must in this situation.
0
 
LVL 9

Expert Comment

by:Timothy McCartney
ID: 37714471
If you go into the security settings of facebook, there is an option to only use HTTPS. Without this option being selected, there are simple programs that hackers can use (one in particular is called Faceniff) A tech blog site called Lifehacker posted a great article regarding this.

http://lifehacker.com/5807740/faceniff-is-the-firesheep-for-android-hijacks-facebook-sessions-with-one-tap

Please note that I do not condone the use of such an app. I merely wish to show the ease at which such an app can take over an unsuspecting victims Facebook (and other) accounts. Please take the measures outlined in the article to prevent this from happening.
0
 
LVL 3

Author Comment

by:pma111
ID: 37714520
Do the FB and Twitter apps on smartphone use HTTP also? I.e. if the user doesnt purposelly go to www.twitter.com they just use it from their smartphone app, and thus dont even login how can you tell if thats HTTP or HTTPS?
0
 
LVL 9

Expert Comment

by:Timothy McCartney
ID: 37714534
If you have HTTPS setup in your account, then the connection will be using https for the associated smartphone apps as well.

The same cannot be said for third party apps, however if you do have HTTPS setup, and the app in question does not support it, it will not work. So if you DO have it set up, and your apps are still working just fine, then you are in good shape.
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Restoring files from Windows Server Backup 7 92
svg file 10 113
Windows 10, Hotmail and AdChoices 7 37
Rensome / malware protection 9 71
PREFACE The purpose of this guide is to provide information to successfully add specific IIS 7.0 role services for the Symantec Endpoint Protection Manager (SEPM) to function properly when installed on Windows 2008. AUDIENCE Information Technol…
By the time you finish reading this article, you may have already lost all your money because you don't know the simple steps to securing your BitCoin wallet. BitCoin is an incredible invention. It is a decentralized currency system, which is the…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question