hass internet technology reviews, how to avoid facebook scams, be a skeptic
Company Proprietary and Confidential Copyright Info Goes Here Just Like
This
http://www.linkedin.com/groups/Hass-Associates-Online-Cyber-Review-4883972
HASS INTERNET TECHNOLOGY REVIEWS
Q&A: HOW TO AVOID FACEBOOK SCAMS? BE A SKEPTIC
Question: I fell for one of those Facebook scams. How do I make sure
none of it is left on my Timeline and avoid that kind of mistake in the
future?
Answer: This question most recently came from a friend who, in a
moment of weakness, tried to claim an alleged offer for two free tickets
on Southwest Airlines. First, this person reported seeing the free-tickets
ad on the profile of a trusted friend. A click on that opened a tiny
browser window (unnoticed at first) and then copied the same scammy
ad to my friend's profile. It also opened a normal-sized browser
window asking for personal information to claim the free tickets; my
friend was suspicious enough by then to provide an incorrect birthday
and back out after being asked to pay $9.99 a month. But at that point,
the bogus ad had littered the profiles of many Facebook pals. Later on,
my friend also received telemarketing calls, spam text messages (if you
get those, ask your carrier to waive any charges you'd pay to receive
them), and about 50 more junk e-mails a day than before.

What happened here? The scam worked by exploiting a form of temporary
authentication Facebook (like other sites) uses to avoid asking users to
enter their passwords all the time. Frederic Wolens, a Facebook
security manager, explained that "user access token" hijacking enables
the scammer to impersonate the victim. "They can act as if they were
the user until that access token has been invalidated by Facebook," he
wrote. "Most of the time we try and invalidate these tokens as soon as
we detect a scam."

The hijacking could have happened in the tiny
window the ad opened at first. Beth Jones, a researcher with the
security firm Sophos, explained that con artists can use JavaScript
tricks to hide links in part of or all of a page — for example, turning it
into a giant "Like" button. (JavaScript is a form of Web code that adds
basic interactivity to sites; it has no relation to Oracle's
frequently exploited Java software.)
Facebook's cleanup advice began with advising my friend to visit
facebook.com/hacked, which will reset your password and walk you
through ways to further secure your account. Once you've regained
control over your account — always the first step in recovering from an
attack like this — you should delete every copy of the scam post. Go to
your profile, click the "Activity Log" button, and then look for the
offending ads. Steer the cursor just above and to the right of each one,
click on the pencil icon that should appear, and select "Delete..." from
that menu.

Sophos's Jones advised checking the apps that Facebook
lists as recently installed. If you neither recognize one nor remember
adding it, remove it. And if you don't recognize pages that your profile
says you like, they could have been added with the "likejacking"
technique described earlier; remove them too.

There's no better defense
against this than skepticism. Taking a minute to search for, say,
"Southwest free tickets" before clicking on an ad that defied economic
logic would have revealed that this scam has been circulating for years.
As far back as May 2011, Southwest itself was trying to warn Facebook
users, and last year the scam got a write-up on the Snopes mythbusting
site. As we say in newsrooms: "If your mother says she loves you,
check it out."

Tip: Put Facebook and other social-network notifications on a diet
Many social-media sites operate as if you have a deep and
abiding fear of missing out: They will e-mail you and pop notifications
on your smartphone every time something of consequence happens.
That can be helpful when you're getting the hang of a new network, but
after a few months most of these notices only gum up your inbox and
your phone's screen. Turn off alerts about anything that doesn't require
immediate action — for instance, Facebook friend requests and new
status updates from pals you've added to your "Close Friends" list
there, or new followers on Twitter or Tumblr.
On Facebook, go to your account-settings page and click
"Notifications" to control what that network bugs you about on e-mail
and on its site; open Facebook's mobile app to adjust its nags there. In
Twitter, sign in at its site, click the gear-icon settings button at the top
right and select "E-mail notifications." On Tumblr, click its own
gear-icon settings button and choose "e-mail."