Skip to main content

Facebook Accounts Are Almost Worthless

How much would your Facebook account bring you if you sold it? According to VeriSign, just a couple of pennies. I spotted an article on Dark Reading the other day detailing a recent black market advertisement for over a million Facebook accounts, sold in 1,000 unit increments for $25-$45. About 2 to 4 cents per account, which highlights how easy it has become for these accounts to get compromised and used to spread malicious software.


This little fact just shows you how prolific Facebook has become as the new medium for malware delivery, replacing traditional e-mail. It also is an ominous indicator to the fact that people are much more trustworthy of links coming from their favorite social networking site than they are about the fishy e-mail in their inbox.

Most users are now aware of the basic "Don't open attachments or links from suspicious emails" mantra, but we have a ways to go before that education extends to social networking. The key is getting our users to understand that Facebook, Myspace, YouTube, a website, and e-mail are all simply modes of transportation for a malicious link or attachment to be delivered, and the same due diligence should be paid to each.

Comments

Popular posts from this blog

Outlook Credential Prompt When Opening Exchange 2013 Public Folder

After completing an Exchange 2007 > 2013 migration recently, I was left with one issue that was preventing us from stamping the project as a roaring success and moving on:

Outlook 2013 users were sometimes receiving a single pop-up prompt for credentials whenever they opened the Public Folder (we have only one). One. Single. Prompt.

Google was frustratingly unhelpful because searching for "outlook prompts for username and password when opening public folders" or something similar just resulted in a lot of folks who were always getting a pop-up that wouldn't go away. It was usually caused by an authentication failure of some sort.

However, we were in a different boat - Users got the prompt once when they first launchedOutlook and opened their public folders, but after entering it they could continue - authentication worked. Next time they logged in to their PC, it would happen again. Not a show stopper, but it definitely generated its share of support calls.

Repairing Mailbox Corruption in Exchange 2010

I recently got through recovering an SBS 2011 server after Active Directory face-planted in the middle of a workday. When I say recover, I mean I repeated the entire migration, using a cleaned up secondary DC - it was a fun weekend (expect another post about that experience). Although I thought we were in the clear, I got a call from the client about 24 hours after we had verified everything was working. He indicated that his iPhone had suddenly stopped receiving mail in the inbox (calendar, contacts, sent items were still fine) and throws up an error after spinning in circles for a few minutes that it "cannot connect to mail server".

SCEP Policy Update Troubleshooting

Because I'm a glutton for punishment, I recently started rolling out System Center Configuration Manager 2012 R2 SP1 and System Center Endpoint Protection across our VDI environment. There are always some considerations to be made in a pooled desktop / gold image type environment when loading software that uniquely identifies devices, but lucky for me SCCM/SCEP handled this just fine without any tweaking. However, there were some nuances to how SCEP policies are applied that caused some serious hair-pulling before I spotted the issues.