Facebook message warns users not to click on a link in a private message directing them to album92 dot com because going to the site will install a virus on their computers.
*Brief Analysis* It is true that users should not click on links asking them to visit album92 dot com. The links open a fraudulent website that tries to trick them into submitting their Facebook login details. However, the threat described is a phishing scam, not a virus. And "album92" is just one in a long list of domain names used in this phishing scam campaign. To be effective, security warnings must contain up-to-date information that correctly describes the perceived threat and what to do to avoid it. Confused and exaggerated messages like this can be misleading and counterproductive. *Example * WARNING FB FAMILY!!!!!!!!!!!!!!!!!! In vase you haven't already heard there is a scam going on...If you get a Private Message from anyone on your Friends List that says go to "ALBUM92 .COM & SEARCH YOUR NAME & CLICK ON THE FIRST PICTURE" -----DON'T DO IT!!!!!!!!! When you click on the picture you receive a "VIRUS"!!!!!!!!!!!!!!!!!!!!!!! *Analysis* This breathless, exclamation mark riddled "scam warning" message is currently rocketing around Facebook. The message warns uses to watch out for private messages asking them to go to "album92.com" and search their name to view a picture. According to the message, clicking on this picture will infect your computer with a virus. Although garbled and inaccurate in its wording, the message does reference a genuine security threat. Many Facebook users have recently reported receiving messages similar to the one below: *hey, go to album92 dot com and search for [name of user] then click on the first photo.. I bet you didn’t remember that, eh?…* People who go to the site and click the picture as instructed will next be taken to a fake page designed to closely resemble a genuine Facebook page and told that they must log in to view the content. Any login details entered on the fake site can then be collected by criminals and used to hijack these Facebook accounts. The compromised accounts can later be used to launch more scam and spam campaigns. It is important to note that "album92.com" is just one in a long list of domain names used in this particular scam. In their article about this threat<http://facecrooks.com/Scam-Watch/hey-go-to-photos2004-dot-com-and-search-for-your-name-then-click-on-the-first-photo-phishing-scam.html>, anti-scam website Facecrooks notes that many of the domains are in the form "album(year) . com" while others take the form "photos (year) . com or "login (h***) . com". Thus, the advice in the warning not to click such links is valid and certainly worth heeding. Unfortunately, the overall usefulness of the message as a security alert on the issue is significantly defused because of its inaccurate description of the threat and because of the way it is worded. The threat described is a phishing scam *not *a virus. Why is this important, you might ask, so long as people heed the warning and do not click the link? Well, to be useful, warning messages must *accurately *describe the perceived threat and how to handle it. A phishing scam is a very different type of threat than a computer virus and viable methods for protecting yourself from them are also very different. For example, while your antivirus software may protect your system from being infected by a virus or worm, it may not protect you from inadvertently visiting a phishing scam website and divulging your personal information. This unfortunate trend to generically label all security threats - including phishing scams, malware attacks and survey scams - as "viruses" just muddies the water and can be counterproductive. Such generic terminology can potentially mislead users into responding to threats in a way that may actually increase their likelihood of becoming victims rather than help protect them. Calling everything a "virus" can stop people from learning about different forms of attack and how best to protect themselves. And, the "urgent", exaggerated and grammatically grating way that the message is worded is very reminiscent of many outright hoaxes and bogus warnings. Such characteristics are often first indicators that a message may be invalid. Thus, many people are likely to dismiss the warning as just one more peice of Facebook nonsense and disregard it entirely. In fact, a lot of users are quite unlikely to take seriously any message rendered in such a manner. So, although it contains an important element of truth, sending on the message in its current form may ultimately hinder more than it helps. Rewording the message so that it accurately describes the threat and what to do about it is likely to be much more helpful. And cutting out the long, sorry lines of redundant exclamation marks and all the SHOUTING in the message would also significantly increase its credibility and the likelihood that it will be taken seriously. *This has been authenticated by Hoax-slayer in its latest issue...* -- With best wishes S Chander
