The virus watchdog blog for McAfee labs reports that Facebook is aware of the Koobface attack and is already working to remove the spammed links from its system. But with dozens of Koobface variants known to exist, McAfee warns that “the situation is likely to get worse before it gets better.”

via: http://blog.wired.com/business/2008/12/koobface-virus.html

“Phishing” emails appear to come from a trusted source — in this case the College/University campus IT Department — and send you to a web site to gather (verify) some personal information. This web site may look like it is legitimate but it is not. [ Wikipedia on Phishing ]

In the reported scam — campus network usernames and passwords were gathered from students staff and faculty. It is reported that in 42 of these campuses the gathered information was later used to break into the campus network.

Phishing scams are more commonly found targeting banking and online shopping sites like eBay. I am not sure what information the originators of this scam were looking for — possibly financial records.

At this point Tyndale has not seemed to be targeted in this “Phishing trip”

The question du jour is this: WOSWJU? Or, What Operating System Would Jesus Use? A trite question? Hardly. Anyone interested in the eternal fate of their computer data should concern themselves with finding the truth (Truth?) behind this question. Instead of just giving a pat-answer let’s go through our options, shall we?

Read: What OS Would Jesus Use?

Web forms are a great way to gather information from our web visitors – sometimes we get information and send it off to staff or faculty – sometimes we take it and store it in a database – sometimes we even post that stored information on our web site directly – like Alumni news.

Web forms are also a great way for spammers to send their spam. The spammers write programs (spam-bots) that scour the web looking for forms to fill out making sure to include their message in the content. Their hope is that people will not check their form data and the spammers content will get posted online or sent through to email.

We have many forms throughout our web site. Some of these forms have been found by the spam-bots and have been receiving a great amount of spam entries. In an attempt to squash these we have installed Akismet – Akismet analyzes our form content to determine whether it is spam or not and sends back the result – we then determine what to do with that information. We log all the spam attempts and we record all real data as we normally would.

Here are some quick statistics regard spam attempts in the Alumni section of our web site:

Since September 28, 2006 we have blocked 20,291 attempts to submit spam through our forms. Today alone – from 12:01 am to 9:15 am we have blocked 147 attempts.

Are you having problems with a form on the Tyndale web site. Submit a HelpDesk request and let us know – we will work towards a solution for you.

Google learned of a security issue with the Public Service Search service and disabled login functionality temporarily to protect the Public Service Search users while we were working to fix the problem.

For more information please read this post.

The search will still work however our custom look and feel has been stripped from the results page. Google hopes to have everything back to normal soon.

I am going to be honest with all you spammers – I don’t need any stock tips – I don’t need anything enlarged or enhanced – I have a watch (several in fact) – I don’t want to start a home business and fire my boss – well ok I don’t want to start a home business

It is bad enough that I get 100+ a day that get caught by SpamAssassin but I am now getting 50+ a day that are making it through for whatever reason???

On top of that I am having to spend way more time making online forms more secure against hackers and now spammers – time that I could be spending on other useful development.

I haven’t got all the answers at this point – I just know that these “Spackers” are getting coal this Christmas!