Dubai Phoney options to disable Facebook's Timeline (TL) feature could expose up to two million UAE users to password-stealing codes, an expert has warned.
TL replaces the traditional page with a bigger profile picture. Confused about how it works, many are carrying out privacy housekeeping on the site.
Aji Joseph, General Manager of IT security firm Eset Middle East, said: "Timeline has caused confusion among users and scammers are capitalising on people's dislike for it by offering options to disable it, but clicking that option unleashes malicious payloads such as password key-loggers."
"Some users would want to go back to their old Facebook page. In reality, this [disabling] won't work," said Joseph. "Instead, users are taken to a fake page that allows them to click a fake ‘like' button."
Eset, a Bratislava-based computer security company with 100 million users worldwide, reported a jump in the spread of malware through social networking.
Once an FB profile migrates to Timeline, a user is given seven days to check its content before it is published online. Once published, Timeline cannot be disabled, said Joseph. This migration has caused heartburn among users.
Timeline by itself is not a security threat, Joseph explained, as it allows users to define who sees their personal information. But the privacy settings can be confusing.
Technology site cio.com commented: "The new Timeline has the potential to expose status updates and wall posts from years ago". Once hooked, a victim is led to a couple of phoney options and told the deletion request will be analysed, with a promise to revert to the user. "But then, nothing happens… this is a scam," Joseph said.
"A lot of people end up liking pages they have no clue about. When malware writers are able to waylay people towards these malicious websites, your system could be an unwitting victim of everything from viruses and trojans to password theft."
Malware-buster tips
Enable strict privacy settings on your Facebook account
Screen people before you add; don't add strangers as friends
Share only pictures and comments that you are comfortable with
Limit sharing too many personal details online
Use a good security software with the latest updates/patches
Use the latest patches of OS on your computer — to avoid holes that can be exploited by new viruses, worms and other threats
People tend to install a lot of third-party applications (for example, birthday finders). If you install a third-party application, make sure the third party developer is well-known and double check the permission you grant these applications (give only what is required, which can be open to misuse — such as posting messages on your chat)
Beware of applications that ask you to install a plug-in on the browser
Avoid clicking unwanted links or those that purport to be breaking news (like Gaddafi's or OBL's death) unless you trust the source (like cnn.com or bbc.com)
