Posts Tagged ‘personal information’

Facebook spam now plays your favorite music

Posted: May 25, 2011 in Scam, Social Networks, Spam
Tags: , , , ,
0

Wouldn’t it be cool if you had immediate access to your favorite music and bands? What if these are readily available on your favorite social networking site?

Trend Micro recently noted messages and wall posts circulating on Facebook that promote a supposed new music player feature.

“The script used in this spam run is now detected by Trend Micro as JS_FBJACK.B. Similar to other previously reported Facebook spam runs, once users access the alleged link, they are redirected to a site that tells them to follow several steps. The first of which is to copy a particular snippet of code onto their browser address bars, reminiscent of the “See You… In 20 Years!” Facebook attack, which spread via multiple features,” Trend Micro’s Threat Researcher, Marco Dela Vega noted in a blog post.

Once done, the malicious script accesses the affected user’s Facebook friends list. From this list, it creates wall posts and sends chat messages to the accumulated Facebook contacts. The wall post and message read:

“FaceBook finally added a profile music player! I’ve been wanting one of these forever! [LINK]“

The post contains any of the following links:

  • http://{BLOCKED}ures.webs.com/profilemusicplayer.htm
  • http://{BLOCKED}okfeatures.webs.com
  • http://{BLOCKED}ures7.webs.com/aboutme.htm
  • http://{BLOCKED}cplayer.webs.com
  • http://{BLOCKED}ilemusic.webs.com

All of the links above currently redirect to a single URL, a scam site telling the affected users that they won a certain prize. The site then asks them to give out personal information.

Click for larger view

Fox databases hacked: Personal data of 250,000 participants for X FACTOR at risk

Posted: May 4, 2011 in Data Loss, News
Tags: , , ,
0

The FBI is said to be investigating a potential hack of the databases of applicants for the American version of the British show, The X Factor, and could affect as many as 250,000 people, according to an email. The sensitive contact information of hopeful kids as young as 12 could now be in the hands of hackers.

People who have applied to go on the US version of the show, have been warned not to reply to emails from Fox, Rupert Murdoch’s US TV network broadcaster, particularly if those emails request personal information.

In a statement on its website, Fox alerted its users:

This week, we learned that computer hackers illegally accessed information you and others submitted to us to receive information about The X FACTOR auditions. As you may recall, the information you provided to us did not include your Social Security number or any financial information (such as bank account or credit card information), and you were not required to enter a user name or password to access our site. As a result, no financial information, Social Security numbers, or passwords were accessed by this unauthorized party. It is possible, however, that the information you did provide to us, which included your name, email address, zip code, phone number (which was optional), date of birth, and gender, may have been accessed.

Fox.com and The X FACTOR will never ask you to email personal information such as financial data, credit card numbers, Social Security numbers or the user name or passwords you use to access other websites. If you receive an email that appears to be from Fox.com or The X FACTOR asking for personal information, please forward it to askfox@fox.com and then delete it, as it did not come from us. You can also send an email to askfox@fox.com if you have any questions or concerns.

If you fear that your data might have been exposed, keep a keen eye on your email inbox for fraudulent communications.

If you think your child has applied, maybe this is a good time to have a chat with them about all of this and warn about possible unwanted emails and phone calls.

Texas Comptroller Susan Combs takes responsibility for largest personal information breach in Texas

Posted: May 3, 2011 in Data Loss, News
Tags: , , ,
0

Texas Comptroller Susan Combs has announced a series of additional actions her office is taking to address the unauthorized posting of certain personal information on one of the agency’s file transfer servers. The security breach that took place two weeks ago, led to the breach of sensitive data of 3.5 million people in Texas.

“I am deeply sorry this incident occurred and I take full responsibility for it,” Combs said. “This incident has affected the lives of Texans that I have dedicated my life to serving, and I am determined to restore their faith in the Comptroller’s office. That’s why we are taking additional actions to assist those who were affected and implementing new policies and procedures to help ensure this never happens again.”

The additional measures being taken to assist those affected by the incident include:

The free credit monitoring service, provided through CSIdentity, alerts subscribers to certain activity associated with their credit files, such as credit inquiries, or account openings, closings or delinquencies. Subscribers will also receive CSIdentity’s Internet surveillance service, which monitors chat rooms and websites for personal information.

In a separate service paid for by Combs’ campaign fund, CSIdentity will provide identity restoration services to anyone whose personal information is misused as a result of the data posting. To qualify for this offer, individuals must be enrolled in CSIdentity’s free credit monitoring service offered to those affected. There is no indication that anyone’s personal information has been misused in connection with this incident.

Some people whose personal information was affected may have already signed up for discounted credit monitoring and identity protection services offered by several service providers through the Comptroller’s office. Those companies have cancellation and refund policies, and individuals who signed up can contact the companies if they wish to cancel.