Computer News of The University of Hong Kong Computer Centre - click to visit the home site
view previous articleview Table of Contentsview next article
Computer News No. 136 Nov.-Dec. 2008

Beware of Computer Viruses Spreading via Social Networking Sites

    1. Introduction
    2. Social Networking Sites Viruses
    3. Tips to Protect Your PC From Social Networking Sites Viruses

1. Introduction

As online social networking sites such as Facebook and MySpace are becoming popular, they have become the latest targets of hackers to deliver computer viruses.

The Koobface virus family (“koob” is reverse of “book”) is an example of computer viruses attempted to gather sensitive information, such as credit card numbers and personal details, from Facebook and MySpace users. 

2. Social Networking Sites Viruses

Different variants of Koobface attack different social networking sites, e.g.,

  • Net-Worm.Win32.Koobface.a (Koobface.a) attacks MySpace.
  • Net-Worm.Win32.Koobface.b (Koobface.b) attacks Facebook.

Koobface.a spreads when a user accesses his MySpace account.  The virus creates a range of commentaries to the friends’ accounts.  Koobface.b spreads by delivering spam messages to people that are “friends” of infected users via Facebook site.  The messages contain subjects such as:

  • Paris Hilton Tosses Dwarf On The Street
  • Examiners Caught Downloading Grades From the Internet
  • Hello; You must see it!!! LOL. My friend catched you on hidden cam

The messages on MySpace and Facebook include links to a malicious website which looks like "YouTube" and users are prompted to download the latest version of "Adobe’s Flash Player".  If they download the file, they will infect their PCs with the Koobface virus instead of downloading the legitimate Adobe’s Flash Player.

3. Tips to Protect Your PC From Social Networking Sites Viruses

Here are some tips to protect your PC from computer viruses propagated through online social network websites:

  • Install anti-virus and anti-spyware software on your PC and update definition daily.  Refer to our FAQ on Computer Viruses.
  • Do not use the same password on Facebook or MySpace for your other computer accounts, especially HKU Portal or bank accounts.  If you do this, hackers who gain access to one of your accounts will easily be able to access your other accounts too.
  • Do not give out your passwords, including those for social networking sites to other person.
  • Access your social networking sites by keying in the website address at the address bar of the browser instead of clicking on hyperlinks on some web pages.  There are fake websites which look like Facebook or MySpace but it doesn’t mean they are the legitimate Facebook or MySpace sites.
  • Do not click on unsolicited links.
  • Do not click on link or open attachment in suspicious message even if that message appears to be a friend you know.
  • Be careful when downloading and installing applications.

For more information, please also visit the Facebook Security page at www.facebook.com/security which outlines recent security threats on Facebook.

view previous articleview Table of Contentsview next article