Facebook “Error Check System” Trojan

February 25, 2009 0 Comments

KA6F3652animoto Yet another attempt to exploit Facebook and the innocent users like you. Facebook cannot stay off of the front-page security news, can they? A continuous flow of security holes and and unrelenting issues are hitting this social giant like sharp jabs in boxing match. In the left corner, weighing in at 290 lbs…Big Giant Exploit!

The recently discovered, “ Error Check System”, exploit was really a variation of what we all have seen in past email security holes. Here is how it works:

Evil genius creates the program and sends to the first target victims
Someone, only takes one, makes the first mistake and clicks on the message
Message is sent from a trusted source to you (probably your friend that clicked)
The message looks valid and you trust this person so you click
Now all your friends get the same message from you

How to Avoid Issues

Look, most of my friends send me tons of information, links and pictures. I never, ever, click on them unless I am expecting the email and or the attachment that was sent. And, I often send a separate message, IM or Email, asking what the purpose of the attachment or link was. I might also ask how they found it. If it was simply forwarded from a friend of a friend then I typically ignore it. My default is to ignore the message unless I was expecting it. Here are the rules I live by and they work for email, IM, Facebook, Etc:

Think first, could this be something bad?
Never open an attachment you aren’t expecting or didn’t ask for
When in doubt, ask the sender for more information about it
Clicking on links can lead to issues, try searching for the information directly in Google or Yahoo (see what comes up, good or bad)

Searching for “Error Check System + Facebook” would reveal the problem

Never, Ever, Ever… give out passwords or personal information via Email, IM or other methods (phone, skype or fax works)
Have anti-virus software on your machine (hope this is a standard for everyone)