Solved

Malware and spam posts

Posted on 2012-03-13
8
579 Views
Last Modified: 2013-11-22
1)      When spam posts appear on user’s tweets/facebook posts, which wasn’t them intentionally posting spam, i.e. something/someone’s posted on their behalf  – how has it happened/appeared? Is it malware or something else? How would that malware infect the users account?
2) Is it typically malware has infected on their client first (be that PC or SmartPhone), then got on to their account, or is it just targeting their FB/twitter account, and doesn’t need to infect their Smartphone/PC first?
3) If a SmartPhone malware infected a FB account, can that same malware be evident on a desktop PC? Or aren’t malware the same for both smartphones and PC’s? I.e. if a Smartphone got malware, and that smartphone was attached to a PC – can the PC be infected.
4) If an FB account or Twitter account has been compromised and such spam posts are happening on their
5) What else aside from up to date AV definitions can you do to keep malware off your machine? Are the types of FB malware i.e. if you clicked the spam link going to infect your PC or just Smartphone?
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
8 Comments
 
LVL 9

Accepted Solution

by:
Timothy McCartney earned 500 total points
ID: 37714411
It's likely they were on a network while using facebook insecurely (http instead of https). I highly recommend that they change their password promptly, and go into the security settings of facebook and check the option to ALWAYS use HTTPS.

It's more likely that their account was 'hacked' rather than malware.
0
 
LVL 9

Expert Comment

by:Timothy McCartney
ID: 37714422
Also, you'll want to check which Facebook/Twitter 'apps' have specific rights to post on his/her wall. You can remove the rights of any applications you are unfamiliar with.
0
 
LVL 3

Author Comment

by:pma111
ID: 37714443
Thanks, when you say it was hacked rather than malware?

How would it be hacked? I.e. how come some users get hackd and others dont. As often you see the same tweet / fb update which is blatant spam for many users?

WHat have these users done wrong that others havent.

Will changing passwords do anything?

Will the apps need to be removed from the phones and then readded as I suspct they cache login credentials?
0
MS Dynamics Made Instantly Simpler

Make Your Microsoft Dynamics Investment Count  & Drastically Decrease Training Time by Providing Intuitive Step-By-Step WalkThru Tutorials.

 
LVL 3

Author Comment

by:pma111
ID: 37714450
>>It's likely they were on a network while using facebook insecurely (http instead of https). I highly recommend that they change their password promptly, and go into the security settings of facebook and check the option to ALWAYS use HTTPS.


Can you expand on this issue in lymans terms? Are you saying the apps on smartphones typically accses FB.twitter over HTTP?
0
 
LVL 9

Expert Comment

by:Timothy McCartney
ID: 37714457
If you connect and are logged into Facebook/Twitter using http (ie http://facebook.com rather than https://facebook.com) - Hackers have the ability to 'connect' to a user's session without the aid of password/malware, simply because the connection is insecure. Switching to HTTPS and changing your password is a must in this situation.
0
 
LVL 9

Expert Comment

by:Timothy McCartney
ID: 37714471
If you go into the security settings of facebook, there is an option to only use HTTPS. Without this option being selected, there are simple programs that hackers can use (one in particular is called Faceniff) A tech blog site called Lifehacker posted a great article regarding this.

http://lifehacker.com/5807740/faceniff-is-the-firesheep-for-android-hijacks-facebook-sessions-with-one-tap

Please note that I do not condone the use of such an app. I merely wish to show the ease at which such an app can take over an unsuspecting victims Facebook (and other) accounts. Please take the measures outlined in the article to prevent this from happening.
0
 
LVL 3

Author Comment

by:pma111
ID: 37714520
Do the FB and Twitter apps on smartphone use HTTP also? I.e. if the user doesnt purposelly go to www.twitter.com they just use it from their smartphone app, and thus dont even login how can you tell if thats HTTP or HTTPS?
0
 
LVL 9

Expert Comment

by:Timothy McCartney
ID: 37714534
If you have HTTPS setup in your account, then the connection will be using https for the associated smartphone apps as well.

The same cannot be said for third party apps, however if you do have HTTPS setup, and the app in question does not support it, it will not work. So if you DO have it set up, and your apps are still working just fine, then you are in good shape.
0

Featured Post

SendBlaster Pro 4 - Bulk Email Sending Software

SendBlaster 4 Pro - Best Bulk Emailing Sending Software
Automatic Subscribe / Unsubscribe Processing
Great for Newsletters & Mass Mailings
Optional HTML & Text Composition
Integration with Google Features
Built in Spam Score Checking
Free Professional Templates - Feature Packed!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Bulk Emailing to verious lists 11 110
Exchange 2013 - Problem with some attachments 10 116
how can I resolve popup issues with Microsoft Edge? 9 140
Twitching screen 11 143
OVERVIEW This guide provides information on the process performed when the Symantec Endpoint Protection (SEP) client checks in with the Symantec Endpoint Protection Manager (SEPM). AUDIENCE Information Technology personnel responsible for suppo…
By the time you finish reading this article, you may have already lost all your money because you don't know the simple steps to securing your BitCoin wallet. BitCoin is an incredible invention. It is a decentralized currency system, which is the…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question