Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Facebook Hackers Compromise Van Gogh Museum Page

Sophos : 11 February, 2011  (Technical Article)
Sophos calls on corporate Facebook users to be vigilent about their security practices in the wake of a Facebook page hack affecting the Van Gogh Museum
IT security and control firm Sophos is advising businesses to review their Facebook security practices, following news that the Facebook page for the Van Gogh Museum in Amsterdam has been targeted by scammers.

Messages were posted on the compromised page, including links to a version of the money-making scam "I was logged into Facebook for XXXX hours in 2010" that Sophos has previously warned Facebook users about.

The Van Gogh Museum has posted an update on its page, apologising for the spam messages and asking how it can prevent the abuse happening again:

"We're so sorry about the automatic spam messages that seem to keep on appearing on this page about the hours we've been loged on to facebook. We did not post these! Does anyone know how we could prevent this happening again?"

On this occasion, the scammers appear to have posted messages to the Van Gogh Museum's Facebook page via the 'Mobile Uploads' photo gallery.

This facility allows Facebook users to post status updates to a Facebook page remotely by sending an email to a unique address - every Facebook account has a specific email address for this purpose.

"If someone was able to work out the museum's unique email address for uploading mobile photographs, then they would be able to post photos - and links to their survey scams - with ease," said Graham Cluley, senior technology consultant at Sophos.  "It may, therefore, be time for the museum to refresh its mobile upload email address."

Firms using Facebook are advised to implement strict security best practices to reduce the chances of falling victim to survey scams and spam campaigns that could affect other Facebook users.

"All of the Van Gogh Museum's Facebook administrators will need to clean out any rogue applications that they may have mistakenly allowed to access their Facebook profiles, and make sure that they have chosen hard-to-crack unique passwords," added Cluley.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo