Help! Facebook Spam Messages

Wow, that many people have viewed my profile on Google? Or wait…is it YouTube?

If you have received a private message on Facebook from a friend (and it could be a friend you trust!) with a video that says you’ve received an outrageous amount of views on Google or YouTube (or any other site) with your name on it, they all have one thing in common:

These messages are bogus

I have received several of these in the last few months. Here is what they look like:

Look, ma, I’m famous! 595,902 views!! Or…not. This is just a clever phishing scam to get you to click on the link. It’s pretty enticing, right? DON’T DO IT!

What Happens When You Click On The Link:

The message is a scam. There is no video. If you click the link, you will be taken to a fake website designed to look like a Facebook login page.

“What is the harm in that?” you ask. This fake page asks you to log into Facebook again. It looks identical to Facebook, but it isn’t Facebook. If you log in through this page, the scammers steal your information and hijack your Facebook page. After they do this, they start sending private messages to your entire friend list like the one I’ve shown you in the picture above, with the same link you received. Once they have access to your Facebook page, they can post, send and link apps on your behalf.

Criminals can also use this or similar schemes to trick people into downloading malware or installing other apps and malicious browser plugins.

What Do I Do If My Account Has Been Compromised?

Try to secure your account as quickly as possible. The first step is to change your password. Go through all your security settings. It is quick and easy.

Secondary to that, go through your messages and let your friends know (those who were messaged) not to click on the link.

Facebook has some great help links, and it is a good idea to see if anything else has been compromised. Most likely an app has been authorized and needs to be removed from your account.

If you think your account or your friend’s account has been hacked, you can read more about that on Facebook’s help center here.

Are you sick of spam? We’re reducing email spam now!

This week we are rolling out some new updates to our mail server which will help reduce the amount of spam being received by our customers. We’ve recently noticed an increase in spam over the last few months and decided to take action. This update will include a new settings panel in cPanel called “MailScanner Configuration”; here you can fine-tune how you want to handle a message when it is detected as possible spam. We went ahead and configured this for you and you should already be seeing a reduction in the amount of spam received.

You may start to see some emails come in that start with {spam?} or {Disarmed} but this is just the new spam blocking system working. You can delete these emails if they are spam or treat them as you would a normal message. If you have any specific questions or would like us to make some changes to your account, please contact us or open a support ticket.

We are always striving to improve the quality of service at TrevNet Media – and no one hates spam email as much as we do!

Heartbleed Vulnerability Update

The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows information to be stolen that is protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).

Services at TrevNet Media

We have been asked multiple times over the last week about our hosting infrastructure, your data, and our managed hosting servers. All of our affected servers have been updated and the security hole has been patched. Due to the nature of this security bug, it’s not possible for us (or anyone else affected) to tell you if your passwords may have been compromised since no data is logged. We can, however, assure you that all of our managed servers running OpenSSL have been updated since April 9th.

Heartbleed Explained

The problem affects a piece of software called OpenSSL, which is used for security on popular web servers. With OpenSSL, websites can provide encrypted information to visitors, so the data transferred (including usernames, passwords, and cookies) cannot be seen by others while it goes from your computer to the website.

Heartbleed exploits a built-in feature of OpenSSL called heartbeat. When your computer accesses a website, the website will respond back to let your computer know that it is active and listening for your requests: this is the heartbeat.

Check out this article to read more about how it works.

Source: http://xkcd.com/1354/
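The length check at the centre of the bug, as an added example (not from the original post and not OpenSSL's code): a heartbeat request states its own payload length, and a safe receiver discards any request that claims more bytes than it actually sent. The message layout follows RFC 6520; the two sample messages are constructed.

```python
import os
import struct

HB_REQUEST, HB_RESPONSE = 1, 2
HEADER = 3        # 1-byte message type + 2-byte payload_length (RFC 6520)
MIN_PADDING = 16  # RFC 6520 requires at least 16 bytes of padding

# Constructed sample messages: type, claimed length, payload, padding.
HONEST = struct.pack("!BH", HB_REQUEST, 4) + b"bird" + bytes(MIN_PADDING)
OVERCLAIM = struct.pack("!BH", HB_REQUEST, 500) + b"hat" + bytes(MIN_PADDING)

def parse_heartbeat(record: bytes):
    """Return (type, payload), or None when the message must be discarded."""
    if len(record) < HEADER + MIN_PADDING:
        return None  # cannot even hold a header plus minimum padding
    hb_type, claimed = struct.unpack("!BH", record[:HEADER])
    # The bounds check: the length the sender claims must fit inside the bytes
    # actually received. Without it, a C implementation copies `claimed` bytes
    # and reads past the end of the request into adjacent process memory.
    if HEADER + claimed + MIN_PADDING > len(record):
        return None  # RFC 6520: discard silently, send no response
    return hb_type, record[HEADER:HEADER + claimed]

def build_response(record: bytes):
    """Echo the payload of a valid request; return None for anything else."""
    parsed = parse_heartbeat(record)
    if parsed is None or parsed[0] != HB_REQUEST:
        return None
    payload = parsed[1]
    header = struct.pack("!BH", HB_RESPONSE, len(payload))
    return header + payload + os.urandom(MIN_PADDING)

if __name__ == "__main__":
    for name, msg in (("honest", HONEST), ("overclaim", OVERCLAIM)):
        reply = build_response(msg)
        print(name, "->", "discarded" if reply is None else reply[:HEADER + 4])
```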

What you should do

If you want to be on the safe side, we would recommend that you reset your passwords on any accounts you have with our services where you connect with SSL. While we don’t know if any data was stolen while any of our systems were vulnerable, it’s a possibility.

Over 60% of the internet was affected by this bug; this includes many popular sites you most likely use, or have used. Check out this list to get up to date. It includes websites like Facebook, LinkedIn, Google, GoDaddy, Netflix, Hulu, and more.

Inspiring Work Spaces


This past week we had a contest across multiple social media channels asking people to submit pictures of their offices, work spaces, or simply the view from their perspective while working. In turn, the prize for the most “liked” picture would be an amazing custom designed TrevNet T-shirt.

We had some great responses from Twitter, Facebook and Instagram. Not only did we see pictures of your average indoor offices but we saw perspectives from military personnel, work-from-home professionals and some pretty creative perspective shots.

We are glad the winner wasn’t left up to us because it would have been hard to choose the best one. To give you an idea what amazing entries we had, check out all the submissions below:

Looking at all these offices got us thinking. You all need to decorate! Inspiration is hard to find so we figured we would help you out with some inspiration. Here are some great office spaces we found that would make anyone want to redesign:

And the Winner Is:

After a week of submissions, and 7 days of waiting (wait, a week is 7 days, right?)…the picture with the most likes, shares, comments (and views, but really – likes are the only thing that count here) is – drum roll please – Justin Willemsen!! Justin’s photo was posted to Facebook so, Justin, we will be contacting you via FB to get your information and send you your prize. Check out Justin’s amazing photo below; what an awesome shot. You got skillz, son.

And just because we are feeling super generous…

The picture with the second most likes will also be getting a prize! At a very close second, The Cupertino Soap Company posted their work space view on Instagram and received quite a few likes. Check out how creative they got:


Thank you to everyone who sent us their photos. It was awesome to see how everyone works, what inspires people and just how different everyone’s work environments are.

What does your ideal work space look like? It’s not too late to send us a photo or drop us a comment. Keep an eye out for our next freebie; what would you like to see next?

WordPress Under Attack!

If you haven’t heard in the news already, hackers have been laying a massive, global siege on WordPress sites across the Internet. Their main focus is to exploit the default “admin” accounts WordPress sets up for you when you first start out. If these hackers gain access to your site, this could pave their way to potentially take control of your server.

HostGator has run analytical reports and believes around 90,000+ IP addresses have been involved in this dictionary attack. According to TechCrunch, CloudFlare CEO Matthew Prince believes these hackers are using 100,000 bots for their strikes.

CloudFlare believes these attacks are being conducted using only low powered home PCs but feels these hackers’ intentions are to build a much larger army of botnet servers in order to carry out larger attacks in the future.
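Why per-IP lockouts alone can miss a dictionary attack spread over this many addresses, as an added example (not code from any of the companies mentioned): it counts POSTs to wp-login.php in a combined-format access log both per source and per minute across all sources. The thresholds and the sample log lines are constructed assumptions.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# "Combined" access-log prefix: client IP, timestamp, method, path.
LINE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                  r'"(?P<method>[A-Z]+) (?P<path>\S+)')

def login_posts(lines):
    """Yield (minute, ip) for each POST to wp-login.php; skip other lines."""
    for line in lines:
        m = LINE.match(line)
        if not m or m["method"] != "POST":
            continue
        script = m["path"].split("?", 1)[0].rstrip("/").rsplit("/", 1)[-1]
        if script == "wp-login.php":
            ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
            yield ts.replace(second=0), m["ip"]

def analyse(lines, per_ip_limit=5, per_minute_limit=8):
    """Return (noisy_ips, distributed_minutes).

    noisy_ips: sources with more than per_ip_limit attempts overall.
    distributed_minutes: minutes whose site-wide total exceeds
    per_minute_limit although no single IP exceeds per_ip_limit in them.
    """
    per_ip, per_minute = Counter(), defaultdict(Counter)
    for minute, ip in login_posts(lines):
        per_ip[ip] += 1
        per_minute[minute][ip] += 1
    noisy = sorted(ip for ip, n in per_ip.items() if n > per_ip_limit)
    distributed = sorted(
        minute.isoformat() for minute, ips in per_minute.items()
        if sum(ips.values()) > per_minute_limit
        and max(ips.values()) <= per_ip_limit)
    return noisy, distributed

def sample_log():
    """Constructed log: ten bots with one attempt each, plus one noisy host."""
    fmt = '{} - - [01/Jan/2024:10:{} +0000] "{} /wp-login.php HTTP/1.1" 200 512'
    rows = [fmt.format(f"198.51.100.{i}", f"15:{i:02d}", "POST")
            for i in range(1, 11)]
    rows += [fmt.format("203.0.113.7", f"20:{i:02d}", "POST") for i in range(7)]
    rows.append(fmt.format("192.0.2.1", "15:30", "GET"))
    return rows

if __name__ == "__main__":
    print(analyse(sample_log()))
```

In the sample, the ten single-attempt sources never trip the per-IP limit and only show up in the per-minute total.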

Steps to keep your site from being compromised:

1. Choose a stronger password.

2. There are several WordPress plugins you can install to help ward off these hacks.

An email was issued this morning from Mark Maunder, CEO of Wordfence, also suggesting that you make sure you’ve “disabled and deleted all unused themes and plugins”. Read the full email below.

Dear WordPress Publisher,

I'm sure you've seen the news reports during the last 72+ hours about a "massive" 
"global" "distributed" brute force attack on WordPress systems. 

Brute force attacks are ongoing, and this is simply an increase in frequency. To 
protect yourself, make sure all default accounts like "admin" have been deleted 
or renamed and that your passwords are very difficult to guess. A brute-force attack
is a relatively unsophisticated attack where one or more remote machines try to 
guess your password. 

The more successful attacks are attacks where a back-door known only to a hacker 
(a zero day vulnerability) is exploited to gain access to your system without 
logging in. The Timthumb vulnerability which I discovered and fixed last year is 
an example of this. I haven't seen any reports of a new "zero day" vulnerability
being exploited in this attack. 

The nature of the attack does suggest that a large portion of the brute force 
attacks currently underway may be originating from an individual or a single group. 
If successful this will result in a single individual or group having access to a 
large distributed network of compromised WordPress servers on relatively high 
bandwidth links. They can then launch further attacks from this platform. However, 
whether the attacks are being orchestrated by one person or one group should not 
affect how you protect yourself. 

In this case:

1. Make sure your "admin" account has been renamed.

2. Make sure all your passwords are difficult to guess.

3. Make sure you've disabled and deleted all unused themes and plugins. 

Don't be alarmed if you see an increased flow of login attempts on your Wordfence 
live traffic screen (The Logins and Logouts panel). As long as your passwords are 
hard to guess and you've removed the "admin" account, you'll most likely be just 
fine. If you're bored, you can manually block each malicious IP address using 
Wordfence, or even block the originating Networks. But I'm not doing this on my 
personal sites because I have strong passwords and no admin account.

Regards,

Mark Maunder

Wordfence Creator & Feedjit Inc. CEO.

PS: If you aren't already a member you can subscribe to our WordPress Security and 
Product Updates mailing list here. You're welcome to republish this email in part or
in full provided you mention that the source is www.wordfence.com. If you would 
like to get Wordfence for your WordPress website, simply go to your "Plugin" menu, 
click "add new" and search for "wordfence".

Despite this current attack, WordPress is still a leading website platform for several industries. If you need quick guidance as to how to change your username from admin to something new:

To rename your WordPress ‘admin’ user:

  1. Sign in as ‘admin’.
  2. Create a new user using the steps below.
  3. Choose a hard-to-guess username, but don’t make it so difficult that you’ll forget it.
  4. Make that user’s role “administrator”.
  5. Choose a password that has upper and lower-case letters and numbers in it. Symbols are OK too. Never use the word ‘password’ in your password, even if it has a different case and includes numbers.
  6. Click “Add new user”.
  7. Sign out as ‘admin’.
  8. Sign in as the new user.
  9. Delete your old ‘admin’ user and assign all posts/pages/comments to your new admin user.
  10. Congratulations, you now have a more secure WordPress system.
    Instructions provided by Wordfence

If you need further help, feel free to contact us and we’ll be happy to assist you.