Sunday, August 21, 2011

How to Easily Get Viruses from Facebook

I didn't realise it was so easy to get viruses from Facebook but today I faced a possible virus infection from Facebook.

It all started out with a chat from someone who, although I know, I never chatted before on Facebook. So I replied to him but his reply sounded suspicious. And then a link appeared.

Normally I would caution you not to click on any links but since I knew this was a valid website, I clicked on the link.




It then took me to YouTube looking page with my name on it and when I scrolled down, a list of comments from some of my friends and some unknown people. I assumed these were names of people who were gullible enough to click on the Download it from Adobe link.

First note of a fake website - check the URL (see item in yellow). It points to a number. That is wrong. It should be www.youtube.com. Even if the URL looks similar to Youtube, always check carefully. I saw a similar website with the title www.youtubes.com  <-- note the extra S in youtubes. Be aware.



When you put your mouse over the Download it from Adobe, see the target URL below (follow Red arrow). The filename shows Flash-Player.exe but the source of the file is from a fake website.

Never download EXE files from unknown websites, even if they were sent to you by your friends.




For your information, the fake website resides in Hungary, see information below.


% APNIC found the following authoritative answer from: whois.ripe.net
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf
% Note: this output has been filtered.
%       To receive output for a database update, use the "-B" flag.
% Information related to '188.36.0.0 - 188.36.119.255'
inetnum:        188.36.0.0 - 188.36.119.255
netname:        T-HOME-CATV
descr:          T-HOME broadband customers dynamic address pool
country:        hu
admin-c:        bat3-ripe
tech-c:         bat3-ripe
status:         assigned pa
remarks:        infra-aw
mnt-by:         tcom-mnt
source:         RIPE # Filtered
person:         Attila Balogh
address:        Magyar Telecom
address:        R&D Directorate
address:        Magyar Tudosok korutja 9.
address:        Budapest
address:        H-1117 Hungary
phone:          +36 1 481 7406
fax-no:         +36 1 481 7455
e-mail:         bat@netadmin.hu
nic-hdl:        BAT3-RIPE
mnt-by: tcom-mnt
source:         RIPE # Filtered
% Information related to '188.36.0.0/16as5483'
route:          188.36.0.0/16
descr:          Hungarian Telekom
origin:         as5483
mnt-by:         tcom-mnt
source:         ripe # Filtered




188.36.108.214 - Geo Information
IP Address 188.36.108.214
Host - BC246CD6.dsl.pool.telekom.hu
Location -  HU, Hungary
City - Budapest,
05 - Organization - T-HOME broadband customers dynamic address pool
ISP - Magyar Telekom plc.
AS Number - AS5483 Magyar Telekom plc.
Latitude - 47°50'00" North
Longitude - 19°08'33" East
Distance - 630.06 km (391.50 miles)

No comments: