The truth about the Facebook Profile Viewer is simple: it doesn’t exist.

You can check every Facebook page or app available, but you can be 100% sure that each one that says “See who viewed your profile!” or “Who’s stalking you?” is just a ruse for Facebook users to reveal their passwords or spread spam. How do they do this? Clickjacking is a surefire way. In a typical clickjacking attack, cybercriminals hide malicious content under the guise of legitimate pages and may use malicious JavaScript to load content from third-party sites, all in a few clicks.

But what happens if cybercriminals turn to different and newer techniques? Having users type in commands on their keyboard would be a real game changer. Here’s how:

Ctrl+FB

A closer look at a comment within a spammed wall post showcases the start of a different strategy for spammers this time around.

Once you click the link on the comment box, it will redirect again to Facebook Log in Page with Pinterest.

Once logged in, the site redirects to another malicious URL that claims to be “Official Facebook Profile Viewer.” Clicking the ‘Get Started’ button redirects to image with keyboard shortcuts with instructions for users to carry out.

Read the rest of this entry »

Windows XP is officially on its last legs – as far as Microsoft is concerned. There is less than a year remaining before official support ends for the 11-year-old operating system on April 8, 2014.

For users, the biggest impact of this will be that Microsoft will no longer release security updates for Windows XP vulnerabilities after that date. This wouldn’t be a problem, if it weren’t for the fact that so many users are still using XP. Net Applications data says that even now, more than a third of all PCs are still on XP. It was not until August 2012 that the number of Windows 7 users exceeded Windows XP users according to this data.

The potential for criminals to take advantage of this situation is significant. As long as there are significant numbers of XP users, they will continue to be targeted – and new exploits will continue to see the light of day. In the absence of any security patches from Microsoft, these will be all that more dangerous. (To highlight how they’re still finding new security holes in Windows XP, consider this: every Patch Tuesday in 2013 so far has had at least one Critical bulletin that covered XP.)

All users still on XP should consider upgrading right away. Most users may be due for an upgrade in their systems anyway, since it’s been years since XP was sold to end users. However, enterprise and other Windows XP users may well have had reasons not to migrate up to this point – for example, custom software that requires XP to work. However, running software that will never be patched is a significant gamble – particularly software that has been as enduring a target as Windows XP is.

Read the rest of this entry »