Spam and Malware have been found in Dropbox and Facebook, warns Symantec Security Response. Spammers and Malware authors are using Dropbox public folders as free hosting sites. In this example below, spammers have created several Dropbox accounts, uploading an image (such as the below) and a simple .html file and then using the image to link to a pharmaceutical site.
[ad#Google Adsense 336×280]
During a 48-hour period, Symantec detected over 1,200 unique Dropbox URLs being used in spam. Since Dropbox is a widely-used service (with smartphone applications) users might view Dropbox URLs as more trustworthy and therefore more likely to open them.
Symantec Security Response has also detected a Brazilian Portuguese malware message claiming to contain photos and asking if they can be put onto a popular social networking site. The links in the email point to a Trojan hosted on Dropbox.
In February 2012 on Facebook, Symantec has detected a phishing site recommending a fake application that allegedly removes the “Timeline” profile for Facebook users. The phishing site, hosted by a free web hosting site, displays a Facebook Timeline promotion video from YouTube, with the claim “Remove Timeline Now”.
For more information, please proceed to Symantec’s Security Response blog post here:
Symantec advises Internet users to follow best practices to avoid phishing attacks:
- Do not click on suspicious links in email messages.
- Avoid providing any personal information when answering an email.
- Never enter personal information in a pop-up page or screen.
- When entering personal or financial information, ensure the website is encrypted with an SSL certificate by looking for the padlock, ‘https’, or the green address bar.
- Frequently update your security software (such as Norton Internet Security 2012) which protects you from online phishing.