Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

Resolved Question

Fake Facebook notification with link to OMGCLAN site

Apr 20, 2012 2:46AM PDT

I received a fake Facebook notification of a vulgar comment supposedly on one of my postings. I foolishly clicked on the link which took me to a different page and then to Facebook. The actual link was to (DO NOT visit this site) www.omgclan.eu/e107_files/cache/fb.html.
I'm concerned about what this link was for. I immediately changed my Facebook password but then I realized that the page hadn't done anything other than forward me to Facebook, so I wonder if it installed some malware. Anyone know?

Note: This post was edited by a forum moderator to disable and to add warning for link on 04/20/2012 at 10:31 AM PT

Discussion is locked

waremail-cnet has chosen the best answer to their question. View answer

Best Answer

- Collapse -
Odds are
Apr 20, 2012 3:24AM PDT

Odds are, the site was designed to install some kind of malware on someone who, like you, was foolish enough to click on that link, but compounded it by clicking on it while using Windows and Internet Explorer. So some bit of malware would have been installed which might steal passwords, etc.

However, it is possible that the site used a XSS attack, so after closing your browser and reopening it, you may want to change the password on your facebook account again, as well as make sure to report that you did something stupid to facebook, so they can make sure to flag your account for additional scrutiny in the future. Someone could have grabbed your new password, and then also set it up so that an email address of their choosing is notified every time you change the password. Or less sophisticated, they'd just use your account to post spam in your name all over the place until you wised up.

Just remember this lesson for the future and be careful about just what links you click on. Using a Mac doesn't automatically make you immune to all threats out there, just the ones aimed specifically at Windows and/or Internet Explorer. There are plenty of social engineering techniques, like the one you fell for, which can affect Mac, and *nix users in equal measure with Windows users.

- Collapse -
Is there a recommended tool I can use to detect any malware?
Apr 20, 2012 5:22AM PDT

I apologize for adding that link. After I posted it I realized that it was not a good idea but I felt it was relevant to my question. I guess I should have done something like you did. Thanks.
I will add that normally I check all links like that but for some reason (not enough coffee) I didn't. It was only when I saw the window flicker before it went to Facebook that I realized what I had done.

- Collapse -
Nope
Apr 20, 2012 7:19AM PDT

Nope... Malware is kind of a new concept in the Mac world, and there isn't the established cottage industry of programs like there is for Windows where this sort of thing has been going on since Microsoft had the brilliant idea known as ActiveX which debuted in IE3. Though in their defense, as a mitigating factor, that was still well into the age of innocence on the Internet by and large. Just too bad it took them until IE7 to finally start trying to lock things down a little... But I digress.

There are the malware scanners in commercial AV programs, but considering there's so little in the way of malware for the Mac, they are kind of unnecessary at the moment. Of course my usual metaphor is to say that you imagine yourself on a beach, and off in the distance you see storm clouds... Only now the skies over Mac land are overcast and the first few drops of rain are starting to fall.

All I can really say for now is kind of keep vigilant and be ready. The way things usually work is that first there has to be sufficient demand for malware removers before anyone wants to devote the time and resources into making one. So there's going to be a bit of a lag time to contend with between when there's a need for one, and one actually exists. You need to be prepared to survive the apocalypse until then.

- Collapse -
Answer
NOTICE - That link MAY BE DANGEROUS!
Apr 20, 2012 3:33AM PDT

Both Jimmy and myself have asked the Forum Admin to remove that link in your post.

If it does lead to a malicious web site, (I am not about to test it), visitors here could click it in error and find themselves with the same problems as you.

Please reconsider posting such links in the future.

Mark