If you get a message from a Facebook Friend telling you they urgently need your help accessing their account — pause, because someone’s trying to use Facebook security against you.
Experts yesterday revealed details of the phishing scam that has apparently claimed a few victims recently. It’s basically an attempt to con you into handing over your account codes to someone you think you can trust. The attack is initiated by someone who has already taken over the account of a friend. They send you an urgent message claiming to need help getting back into their account, and to check your email for a recovery code.Read more
Facebook has been fined 1.2 million euros ($1.4 million) for allegedly collecting personal information from users in Spain that could then be used for advertising, the national data protection watchdog said.
The fine stemmed from an investigation into the social network company conducted alongside similar probes in Belgium, France, Germany and the Netherlands. The 1.2 million euro fine is a fraction of Facebook’s quarterly revenue of about $8 billion and stock market capitalization of around $435 billion. AEPD said it found three cases in which Facebook had collected details of its millions of Spanish users without informing them how such information would be used.Read more
If you came across any Facebook message with a video link sent by anyone, even your friend — just don’t click on it. Security researchers at Kaspersky Lab have spotted an ongoing cross-platform campaign on Facebook Messenger, where users receive a video link that redirects them to a fake website, luring them to install malicious software.
Although it is still unclear how the malware spreads, researchers believe spammers are using compromised accounts, hijacked browsers, or clickjacking techniques to spread the malicious link. The attackers make use of social engineering to trick users into clicking the video link.Read more
Russian intelligence agents attempted to spy on President Emmanuel Macron's election campaign earlier this year by creating phony Facebook personas.
About two dozen Facebook accounts were created to conduct surveillance on Macron campaign officials and others close to the centrist former financier as he sought to defeat far-right nationalist Marine Le Pen and other opponents in the two-round election, the sources said. Macron won in a landslide in May. Facebook said in April it had taken action against fake accounts that were spreading misinformation about the French election. But the effort to infiltrate the social networks of Macron officials has not previously been reported.Read more
Researchers at PhishLabs recently spotted a trend emerging in malicious websites presented to customers: mobile-focused phishing attacks that attempt to conceal the true domain they were served from by padding the subdomain address with enough hyphens to push the actual source of the page outside the address box on mobile browsers.
"The tactic we're seeing is a tactic for phishing specifically mobile devices," said Crane Hassold, a senior security threat researcher at PhishLabs’ Research. Hassold called the tactic "URL padding," the front-loading of the Web address of a malicious webpage with the address of a legitimate website.Read more
Germany's consumer watchdogs have made good on their legal threat against Facebook's WhatsApp, suing the messaging giant over the user data it transmits to its social-networking mothership.
The Federation of German Consumer Organisations (VZBV) asked the Berlin county court for an injunction to stop the data-sharing, and to ensure that Facebook deletes the data that WhatsApp has already given it. The VZBV accused the companies of abusing users' trust. The move follows Facebook's failure to agree to a cease-and-desist request that the VZBV issued in September last year, a month after Facebook changed WhatsApp's terms to allow the data-sharing.Read more
Social media companies Facebook Inc, Alphabet Inc and Twitter Inc will have to amend their terms of service for European users within a month or face the risk of fines, a European Commission official said on Friday. U.S. technology companies have faced tight scrutiny in Europe for the way they do business, from privacy to how quickly they remove illegal or threatening content.
The Commission and European consumer protection authorities will "take action to make sure social media companies comply with EU consumer rules," the official said. Germany, the most populous EU state, said this week it planned a new law calling for social networks such as Facebook to remove slanderous or threatening online postings quickly or face fines of up to 50 million euros ($53 million).Read more
A hacker in Belgium claims he has found a serious security flaw that enables attackers to learn Facebook users' personal phone numbers, and he is now threatening to release details of the exploit unless the social network agrees to listen to him and patch the vulnerability.
Hacker is a creative developer for a Belgian public broadcaster who also moonlights as a white hat hacker. He has been discovering and reporting security vulnerabilities since the age of 16, and has worked with Facebook to report critical flaws since 2013. He has also found a total of 137 vulnerabilities for the bug bounty platform HackerOne.Read more
Christmas came early for Facebook bug bounty hunter Tommy DeVoss who was paid $5,000 this week for discovering a security vulnerability that allowed him to view the private email addresses of any Facebook user.
“The hack allowed me to harvest as many email addresses as I wanted from anybody on Facebook,” DeVoss said. “It didn’t matter how private you thought your email address was – I could of grabbed it.” DeVoss said he discovered the vulnerability and reported it to Facebook via its bug bounty program. After weeks of going back and forth verifying what the exact bug was and how it was exploited, Facebook said it would award him $5,000 for the discovery.Read more
Requests by governments around the world for Facebook account data went up 27 percent in the first half of 2016 compared to the latter half of 2015, the social media giant said.
More than half of requests that came from US law enforcement "contained a non-disclosure order that prohibited us from notifying the user," Facebook said. The number of requests for content restriction, or "the number of items restricted for violating local law," went down by 87 percent. Facebook said the attacks in Paris in November 2015 increased the number of content restrictions in the latter half of last year.Read more