Sunday, 24 May 2009

Hacked!

...or phished, or whatever it's called. Yup, got a message in my Facebook inbox from a lovely friend, with a somewhat mysterious title: Look at this. When I opened the message there was a succinct instruction to click on the link given. Nothing else. I wondered why my friend was being so mysterious and, curiosity piqued, clicked on the link which took me to a blank page. Thinking the page hadn't loaded properly I went back and clicked again. Same result.

This morning I got a message from her - sent to all her Facebook contacts, I imagine - advising us that she hadn't sent us the link and that if we got it we shouldn't click on it. She also mentioned that Facebook had frozen her account while advising her to change her password.

Then the messages started coming in from some of my other FB friends: Hi, did you send a link to me? I clicked but nothing happened. One friend did not click because she got a phishing warning. Another friend told me her click opened a window that asked for her e-mail address and password - which she entered!

A flurry of messages followed, all from 'friends', all with the same title and invitation to click. I changed my password, posted a warning on my FB page and sent a warning message to everyone on my list. Then I ran my antivirus and spyware scans, hoping for the best. I had no idea what the hackers would do next so I painstakingly made a list of all my FB friends and their contact info. Wouldn't like to go over there and find everything had disappeared into the cybervoid. Minutes ago another friend - who had gotten the message to go click from 'me' earlier today - let me know that FB had frozen her account as well, pending her changing the password. Interesting, no?

Beware, beware, beware. These villains thrive on the trust we put in our friends. If something with, for example, my son's name in the sender field comes into my inbox, my defenses disappear without my even thinking about it, and I'm clicking away and following instructions before I'm even aware of what I'm doing. Hopefully this episode will serve as a warning to me, and to you. The Internet isn't the fuzzy friendly place we imagine it is sometimes. Let us not fall into complacency.

There's another angle to this. I've been hearing rumors about FB beginning to charge users for the privilege of using their services. Being a great fan of conspiracy theories, I've been wondering if they're engineering this rash of break-ins to convince us that we need a more secure, PAID version of their service? What think you?

12 comments:

KeVin K. said...

I stopped facebooking after about a week of hourly updates from my coworkers and people I barely knew (and finding myself posting nonsense about how I was feeling or had for lunch). I'll check my account and see if I have any mysterious messages. Then delete them all without reading.
I doubt there's a facebook conspiracy -- just a phishing attack.

JJ Beattie said...

Yeah, I'm not that interested in Facebook to be honest. If I had to pay I'd be out of there as quick as anything!

I hope nothing else is compromised for you.

Debs said...

What a pain. Lane had the same thing happen to her.

I'm not very good at keeping up with facebook, but shall tell others to be careful.

Lane said...

It was a complete pain Liane. It went viral very quickly. I'd had a fake message earlier in the day and then the next thing, 'I' was sending out spam. Facebook locked my account quickly which saved more nonsense.

I like F/B, mainly for the word games and checking in with other Racers/bloggers. There's no way I'd pay for it though.

kim said...

I would be gone if I had to pay for it, just ask classmates -- they keep teasing me -"pay and see who signed your guest book". Uh, let's not and say we did.

I have made some valuable connections via facebook, but I don't need to pay to stay in touch. I think I could live without knowing which 70's TV star I am, too.

Liane Spicer said...

KeVin, I've cut back drastically on my FB time as well.

JJ, I'd never pay for it either.

Debs, a total pain in the butt, it was.

Lane, I'm still getting messages from friends asking about links I've sent them. Thank goodness I've never gotten into the word games or I'd never get out of there! ;)

Kim, I haven't heard a single person say they're willing to pay for FB. I too have reconnected with some long lost people, and as for the applications - I never allow them. Don't trust the part where you give them permission to access your info. :(

Flowerpot said...

I don't do Facebook (or whatever the verb is) because I don't think I'd get anything done - having to pay for it as well sounds a real No No.

akalol said...

"You have been hacked" Jason Voorhee chop master from Friday 13th

Over the years I received several emails from female friends and strangers offering to go to bed with me etc but based on what you said, I now know the offers were too good to be true and were just hacks.

Fia said...

Gosh, your theory may be right.

Like KeVin, I stopped facebooking a week or two ago. There's another to distract me all ready.

Liane Spicer said...

Flowerpot, you're wise to stay away from FB. It's a time sink.

akalol, not Jason! (You know what they say: If it looks too good to be true - it usually is!)

Fia, as if FB isn't enough, now the pressure is on to tweet. I'm going nowhere near Twitter!

Debi said...

Just as well I stick to Blogger and avoid FB, MySpace, Bebo, Twitter etc etc etc. My life is already being eaten by blogging and I know my limits.

But now I'm being attacked by non-deletable comments on my blog leading to some porn promo.

Yeah, the internet is certainly not the fluffy cuddly place we'd like it to be ...

Liane Spicer said...

Debi, I think that's very smart of you. Facebook has managed to beguile me but I've said no to all the others.

Those non-deletable comments are a pain in the butt, and I'm seeing them cropping up on more and more of my friends' blogs. Hope Blogger finds a way to block them soon.