Facebook users are at risk not just from vicious attacks by trolls.

The global cybersecurity company Kaspersky Lab found several cases of Facebook phishing attacks that victimized some 10,000 people in just two days.

In a press statement, Kaspersky Lab said one of its security experts “uncovered a malware attack that tricked around 10,000 Facebook users around the world into infecting their devices after receiving a message from a friend claiming to have mentioned them on Facebook.”

The devices were then used to hijack Facebook accounts to spread the infection through the victim’s friends and to enable other malicious activity. Although the Philippines was not among the hardest-hit countries, this should alert us to the growing risks posed by social media.

Scan for malware

Kaspersky Lab advises consumers who think they may have been infected to run a malware scan on their computers or open their Chrome browsers and look for unexpected extensions. “If these are present, they should log out of their Facebook accounts, close the browser and disconnect the network cable from their computer. Get a professional to check for and clean away the malware.”

The security expert found that in the first stage of the attack, a Trojan was downloaded onto the user’s computer that installed, among other things, a malicious Chrome browser extension. In the second stage, the malware allowed the takeover of the victim’s account when he/she logged back into Facebook using a compromised browser.

The “intruder” was able to change privacy settings, extract data and more; spread the infection to the victim’s Facebook friends or undertake other malicious activity such as spam and identity theft, and generate fraudulent “likes” and “shares.”

Kaspersky Lab found that “people using Windows-based computers to access Facebook were at the greatest risk, while those using Windows OS phones could possibly have been at some risk. Users of Android and iOS mobile devices were immune since the malware used libraries, which are not compatible with these mobile operating systems.”

Cyber-safety tips

To protect against such malicious attacks, Kaspersky Lab suggests these basic cyber-safety practices:

Install an antimalware solution on all devices and keep OS (operating system) software up-to-date.

Avoid clicking on links in messages from people you don’t know, or in unexpected messages from friends.

Exercise caution at all times when online and on social media networks; if something looks even slightly suspicious, it probably is.

Implement appropriate privacy settings on social media networks.

PRC at the mall

The Professional Regulation Commission (PRC) has opened satellite offices at Lingkod Pinoy Centers of Robinsons Galleria Ortigas and Robinsons Place Manila.

The PRC Mobile Extension Services kiosks offer renewal of professional identification card (PIC) and application for licensure examination. They are open on weekdays, 10 a.m.–6 p.m.

Other PRC satellite offices will open soon in Robinsons Place Santiago (Isabela), Robinsons Place Bacolod, Robinsons Place Iloilo, Robinsons Place Dumaguete, Robinsons Place Tacloban, Robinsons Galleria Cebu, Robinsons Place General Santos and Robinsons Place Butuan.

Robinsons Malls has 30 Lingkod Pinoy Centers, a public-service program of Robinsons Land Corp., nationwide with 19 participating government agencies.

Send letters to The Consumer, Lifestyle Section, Philippine Daily Inquirer, 1098 Chino Roces Ave. cor. Mascardo and Yague Sts., 1204 Makati City; fax 8974793/94; or e-mail [email protected]