Malware and spam posts

1)      When spam posts appear on user’s tweets/facebook posts, which wasn’t them intentionally posting spam, i.e. something/someone’s posted on their behalf  – how has it happened/appeared? Is it malware or something else? How would that malware infect the users account?
2) Is it typically malware has infected on their client first (be that PC or SmartPhone), then got on to their account, or is it just targeting their FB/twitter account, and doesn’t need to infect their Smartphone/PC first?
3) If a SmartPhone malware infected a FB account, can that same malware be evident on a desktop PC? Or aren’t malware the same for both smartphones and PC’s? I.e. if a Smartphone got malware, and that smartphone was attached to a PC – can the PC be infected.
4) If an FB account or Twitter account has been compromised and such spam posts are happening on their
5) What else aside from up to date AV definitions can you do to keep malware off your machine? Are the types of FB malware i.e. if you clicked the spam link going to infect your PC or just Smartphone?
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Timothy McCartneySYS ADMINISTR I INFRASCommented:
It's likely they were on a network while using facebook insecurely (http instead of https). I highly recommend that they change their password promptly, and go into the security settings of facebook and check the option to ALWAYS use HTTPS.

It's more likely that their account was 'hacked' rather than malware.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Timothy McCartneySYS ADMINISTR I INFRASCommented:
Also, you'll want to check which Facebook/Twitter 'apps' have specific rights to post on his/her wall. You can remove the rights of any applications you are unfamiliar with.
pma111Author Commented:
Thanks, when you say it was hacked rather than malware?

How would it be hacked? I.e. how come some users get hackd and others dont. As often you see the same tweet / fb update which is blatant spam for many users?

WHat have these users done wrong that others havent.

Will changing passwords do anything?

Will the apps need to be removed from the phones and then readded as I suspct they cache login credentials?
Make Network Traffic Fast and Furious with SD-WAN

Software-defined WAN (SD-WAN) is a technology that determines the most effective way to route traffic to and from datacenter sites. Register for the webinar today to learn how your business can benefit from SD-WAN!

pma111Author Commented:
>>It's likely they were on a network while using facebook insecurely (http instead of https). I highly recommend that they change their password promptly, and go into the security settings of facebook and check the option to ALWAYS use HTTPS.

Can you expand on this issue in lymans terms? Are you saying the apps on smartphones typically accses FB.twitter over HTTP?
Timothy McCartneySYS ADMINISTR I INFRASCommented:
If you connect and are logged into Facebook/Twitter using http (ie rather than - Hackers have the ability to 'connect' to a user's session without the aid of password/malware, simply because the connection is insecure. Switching to HTTPS and changing your password is a must in this situation.
Timothy McCartneySYS ADMINISTR I INFRASCommented:
If you go into the security settings of facebook, there is an option to only use HTTPS. Without this option being selected, there are simple programs that hackers can use (one in particular is called Faceniff) A tech blog site called Lifehacker posted a great article regarding this.

Please note that I do not condone the use of such an app. I merely wish to show the ease at which such an app can take over an unsuspecting victims Facebook (and other) accounts. Please take the measures outlined in the article to prevent this from happening.
pma111Author Commented:
Do the FB and Twitter apps on smartphone use HTTP also? I.e. if the user doesnt purposelly go to they just use it from their smartphone app, and thus dont even login how can you tell if thats HTTP or HTTPS?
Timothy McCartneySYS ADMINISTR I INFRASCommented:
If you have HTTPS setup in your account, then the connection will be using https for the associated smartphone apps as well.

The same cannot be said for third party apps, however if you do have HTTPS setup, and the app in question does not support it, it will not work. So if you DO have it set up, and your apps are still working just fine, then you are in good shape.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps

From novice to tech pro — start learning today.