Help! Facebook Spam Messages

Wow, that many people have viewed my profile on Google? Or wait…is it YouTube?

If you have received a private message on Facebook from a friend (and it could be a friend you trust!) with a video that says you’ve received an outrageous amount of views on Google or YouTube (or any other site) with your name on it, they all have one thing in common:

These messages are bogus

I have received several of these in the last few months, here is what they look like:

Look, ma, I’m famous! 595,902 views!! Or…not. This is just a clever phishing scam to get you to click on the link. It’s pretty enticing, right? DON’T DO IT!

What Happens When You Click On The Link:

The message is a scam. There is no video. If you click the link, you will be taken to a fake website designed to look like a Facebook login page.

“What is the harm in that”, you ask? This fake page, asks you to log into Facebook again. It looks identical to Facebook, but it isn’t Facebook. If you login through this page, the scammers steal your information and hijack your Facebook page. After they do this, they start sending private messages to your entire friend list like the one I’ve shown you in the picture above, with the same link you received. Once they have access to your Facebook page, they can post, send and link apps on your behalf.

Criminals can also use this or similar schemes to trick people into downloading malware or installing other apps and malicious browser plugins.

What Do I Do If My Account Has Been Compromised?

Try to secure your account as quickly as possible. The first step is to change your password. Go through all your security settings. It is quick and easy.

Secondary to that, go through your messages and let your friends know (those who were messaged) not to click on the link).

Facebook has some great help links, it is a good idea to see if anything else has been compromised. Most likely an app has been authorized and needs to be removed from your account. I

If you think yours or your friend’s account has been hacked, you can read more about that on Facebook’s help center here.

Inspiring Work Spaces

Shirts

This past week we had a contest across multiple social media channels asking people to submit pictures of their offices, work spaces, or simply the view from their perspective while working. In turn, the prize for the most “liked” picture would be an amazing custom designed TrevNet T-shirt.

We had some great responses from Twitter, Facebook and Instagram. Not only did we see pictures of your average indoor offices but we saw perspectives from military personnel, work-from-home professionals and some pretty creative perspective shots.

We are glad the winner wasn’t left up to us because it would have been hard to choose the best one. To give you an idea what amazing entries we had, check out all the submissions below:

Looking at all these offices got us thinking. You all need to decorate! Inspiration is hard to find so we figured we would help you out with some inspiration. Here are some great office spaces we found that would make anyone want to redesign:

And the Winner Is:

After a week of submissions, and 7 days of waiting (wait, a week is 7 days, right?)…the picture with the most likes, shares, comments (and views, but really – likes are the only thing that count here) is – drum roll please – Justin Willemsen!! Justin’s photo was posted to Facebook so, Justin, we will be contacting you via FB to get your information and send you your prize. Check out Justin’s amazing photo below; what an awesome shot. You got skillz, son.Justin

And Just because we are feeling super generous…

The picture with the second most likes will also be getting a prize! At a very close second, The Cupertino Soap Company Posted their work space view on Instagram and received quite a few likes. Check out how creative they got:

cupertinosoap

Thank you to everyone who sent us their photos, it was awesome to see how everyone works, what inspires people and just how different everyone’s work environments are.

What is your ideal work space look like? It’s not too late to send us a photo or drop us a comment. Keep an eye out for our next freebie; what would you like to see next?

LG’s Prank On Job Applicants

What better way to show off the quality of your latest product then by scaring the living dickens’ out of someone with it?

LG thought just that as they introduced their new 84-inch “Ultra HDTV” to some unsuspecting job applicants in Chile. By setting up their TV to resemble a window over looking a cityscape the team had setup hidden cameras all over the room to capture the look on the candidates’ faces. You can tell by the applicants’ reactions just how life-like the quality is on the device.

This latest prankvertisement by LG seems to be successful after already capturing over 2 million views on Youtube and going viral on several social channels.

WordPress Under Attack!

If you haven’t heard in the news already, hackers have been laying a massive, global siege on WordPress sites across the Internet. Their main focus is to exploit the default “admin” accounts WordPress sets up for you when you first start out. If these hackers gain access to your site, this could pave their way to potentially take control of your server.Wordpress Hack

Host Gator has run analytical reports and believes around 90,000+ IP addresses have been involved in this dictionary attack. According to TechCrunch, CEO Matthew Prince of CloudFlare, believes these hackers are using 100,000 bots strong for their strikes.

CloudFlare believes these attacks are being conducted using only low powered home PCs but feels these hackers’ intentions are to build a much larger army of botnet servers in order to carry out larger attacks in the future.

Steps to avoid your site from being compromised:

1. Choose a stronger password.

2. There are several WordPress plugins you can install to help ward off these hacks

An email was issued this morning from Mark Maunder, CEO of Wordfence also suggesting to “disabled and deleted all unused themes and plugins”. Read full email below.

Dear WordPress Publisher,

I'm sure you've seen the news reports during the last 72+ hours about a "massive" 
"global" "distributed" brute force attack on WordPress systems. 

Brute force attacks are ongoing, and this is simply an increase in frequency. To 
protect yourself, make sure all default accounts like "admin" have been deleted 
or renamed and that your passwords are very difficult to guess. A brute-force attack
is a relatively unsophisticated attack where one or more remote machines try to 
guess your password. 

The more successful attacks are attacks where a back-door known only to a hacker 
(a zero day vulnerability) is exploited to gain access to your system without 
logging in. The Timthumb vulnerability which I discovered and fixed last year is 
an example of this. I haven't seen any reports of a new "zero day" vulnerability
being exploited in this attack. 

The nature of the attack does suggest that a large portion of the brute force 
attacks currently underway may be originating from an individual or a single group. 
If successful this will result in a single individual or group having access to a 
large distributed network of compromised WordPress servers on relatively high 
bandwidth links. They can then launch further attacks from this platform. However, 
whether the attacks are being orchestrated by one person or one group should not 
affect how you protect yourself. 

In this case:

1. Make sure your "admin" account has been renamed.

2. Make sure all your passwords are difficult to guess.

3. Make sure you've disabled and deleted all unused themes and plugins. 

Don't be alarmed if you see an increased flow of login attempts on your Wordfence 
live traffic screen (The Logins and Logouts panel). As long as your passwords are 
hard to guess and you've removed the "admin" account, you'll most likely be just 
fine. If you're bored, you can manually block each malicious IP address using 
Wordfence, or even block the originating Networks. But I'm not doing this on my 
personal sites because I have strong passwords and no admin account.

Regards,

Mark Maunder

Wordfence Creator & Feedjit Inc. CEO.

PS: If you aren't already a member you can subscribe to our WordPress Security and 
Product Updates mailing list here. You're welcome to republish this email in part or
in full provided you mention that the source is www.wordfence.com. If you would 
like to get Wordfence for your WordPress website, simply go to your "Plugin" menu, 
click "add new" and search for "wordfence".

Despite this current attack, WordPress is still a leading website platform for several industries. If you need quick guidance as to how to change your username from admin to something new:

To rename your WordPress ‘admin’ user:

  1. Sign in as ‘admin’.
  2. Create a new user using the steps below.
  3. Choose a hard-to-guess username, but don’t make it so difficult that you’ll forget it.
  4. Make that user’s role “administrator”.
  5. Choose a password that has upper and lower-case letters and numbers in it. Symbols are OK too. Never use the word ‘password’ in your password, even if it has a different case and includes numbers.
  6. Click “Add new user”.
  7. Sign out as ‘admin’.
  8. Sign in as the new user.
  9. Delete your old ‘admin’ user and assign all posts/pages/comments to your new admin user.
  10. Congratulations, you now have a more secure WordPress system.
    Instructions provided by Wordfence

If you need further help, feel free to contact us and we’ll be happy to assist you.

What is Planking?

Remember “planking”? Recently, this was one of the hottest trends on the Internet. I’m sure you or one of your friends, at one point, had seen it or maybe even tried it. What’s so neat about these trends are the ever evolving imaginations it conjures in people.  What pushes trends to this evolutionary state has been propelled into hyper drive by the growing popularity of social media and the ability to share just about anything with one click of your mouse. If you want to stay on top of the developing trends, there is an unspoken requirement to be immersed in social media. If you aren’t ‘plugged in’ you are definitely going to be left behind and boy will you be embarrassed when you are still planking while everyone else is owling, tebowing, batmanning, snailing…

Which brings me back to my original question: What is planking anyway?  We plank while we sleep so that doesn’t take much talent, but here at TrevNet, we are hardcore, and since we are pioneers of all things awesome we choose to stay in front of the trends.

…we Batman:

…and we Snail:

…but we don’t plank!

What are you doing to stay on top of the lightning fast, ever-changing social media revolution?