Author Archive

Blippy.com compromised.

Hundreds of credit cards exposed.

UPDATE: Blippy responds in their blog.

As reported by Mashable, Blippy, the online “service” that lets you see what others have purchased and share your own purchases, had an embarrassing and potentially dangerous security issue today. According to Mashable:

“Tipster Trey Copeland wrote to us with a link to results for the search: site:blippy.com +”from card”. That search returns results showing detailed purchase information for transactions. Each result highlights that there was a “debit card transaction” or “card transaction,” the amount spent, the specific location (address included) and the full card number.”

Mashable included a screenshot of Google’s search results, which show a number of compromised credit card numbers exposed. Don’t bother trying that search query: you’ll get an error message from Google instead.

The social media team I run at C-E has long speculated that this would happen. We couldn’t imagine why on earth anyone would share their purchases and trust all their credit card numbers to a social site that doesn’t sell anything.

TIP: As we warned a few weeks ago, there’s no reason to join Blippy. You do not ever need to share your purchases. It makes you a target. If you are a member, take immediate action to remove your financial information.

A generous nod to Gary Olson for the story.

Scam Spotting, No. 8: FarmVille Click-jacking

Image: FarmVille Scam: Click-jacking scam

Another click-jacking scam has surfaced on Facebook. Click-jacking scams like this are getting more clever and harder to detect each week. Unlike the previous farmville cash scam, this one is bold enough to use the copyrighted name and graphics. This makes it all the more insidious as thousands of FarmVille players will unknowingly click on this, assuming it to be legitimate.

Here are the attributes to watch out for:

  1. Despite the proper spelling and artwork this time, the scammers still gave a huge clue: FarmVille has a capital ‘F’ and ‘V’. Their version is all lowercase.
  2. No logo on the “Allow Access” screen.
  3. Hundreds of negative reviews, but only two fans.
  4. The “Allow Access” screen says that farmville is for “Sending buildings to friends.” Since when?

TIP: Always check the link and reviews of any app before adding it. If an app has thousands of players, but only a few fans, or hundreds of negative reviews, it’s a scam. It did not come from your friend. Your friend’s account was either unknowingly compromised, or they were tricked by it as well.

WordPress blogs being attacked!

A large number of WordPress users are noticing that they cannot log into their blogs this weekend. Or, if they can log in, their site has an iframe that points to a malware site (networkads.net/grep). Early reports on the story pinned it on blogs hosted by Network Solutions. NetSol, however, claims it is not just them—that other hosts are being infected as well. They mention a “rogue plugin,” but they will not say which one it is, and so far the only complaints have come from NetSol blogs. Another early “fact” claimed by many was that this attack was only hitting 2.92 users, but comments indicate other versions have been hit as well.

Sucuri Security has a fantastic write-up of the attack, details and the fix, which will likely scare those unfamiliar with PHPMyAdmin. According to Sucuri:

“What is interesting about this attack is that it does not create or modify any files, so the average security advice does not apply here. The only thing it does is to modify your “siteurl” inside the “wp-option” table to point to http://networkads.net/grep/, breaking the site layout completely.”

If you find yourself infected, and are confused by the directions, do yourself a favor: ask a geeky friend to do this for you. It’s not beginner stuff.

TIP: One thing you can do immediately, without touching your wp-options table, is to disable and then simply remove the xmlrpc.php file from your WordPress install. It’s always at the top level (root) of your WordPress install.
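Added example (not from the original post or from Sucuri’s write-up): a small Python check that flags a tampered siteurl/home in wp_options rows and an injected iframe in fetched page HTML, and prints the SQL that would restore the option. The table prefix wp_, the blog hostname example-blog.test and the sample rows/HTML are constructed assumptions; the restore assumes a plain http:// site address.

```python
import re
from urllib.parse import urlparse

WATCHED_OPTIONS = ("siteurl", "home")
# Matches the src attribute of any <iframe ...> tag, case-insensitively.
IFRAME_SRC = re.compile(r'<iframe[^>]*\ssrc\s*=\s*["\']([^"\']+)["\']', re.I)


def find_redirected_options(rows, expected_host, table="wp_options"):
    """rows: iterable of (option_name, option_value) pulled from the DB.
    Returns (option_name, bad_value, fix_sql) for every siteurl/home row
    whose hostname is not the blog's own host (constructed assumption: http)."""
    findings = []
    for name, value in rows:
        if name not in WATCHED_OPTIONS:
            continue
        host = (urlparse(value).hostname or "").lower()
        if host != expected_host.lower():
            fix = (f"UPDATE {table} SET option_value = 'http://{expected_host}' "
                   f"WHERE option_name = '{name}';")
            findings.append((name, value, fix))
    return findings


def foreign_iframes(html, expected_host):
    """Return iframe src URLs on the page that load from another host."""
    hits = []
    for src in IFRAME_SRC.findall(html):
        host = (urlparse(src).hostname or "").lower()
        if host and host != expected_host.lower():
            hits.append(src)
    return hits


# Constructed sample data: one tampered option, one clean, one irrelevant.
EXPECTED_HOST = "example-blog.test"
SAMPLE_ROWS = [("siteurl", "http://networkads.net/grep/"),
               ("home", "http://example-blog.test"),
               ("blogname", "My Blog")]
SAMPLE_HTML = ('<html><body><iframe src="http://networkads.net/grep/" '
               'width="1" height="1"></iframe>'
               '<iframe src="http://example-blog.test/embed"></iframe>'
               '</body></html>')

if __name__ == "__main__":
    for name, bad, fix in find_redirected_options(SAMPLE_ROWS, EXPECTED_HOST):
        print(f"{name} points at {bad}; restore with: {fix}")
    for src in foreign_iframes(SAMPLE_HTML, EXPECTED_HOST):
        print(f"foreign iframe found: {src}")
```

Run the SQL it prints through PHPMyAdmin (or the mysql client) only after you have confirmed the expected host is really yours.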

Has your blog been hit by this attack? How did you fix it?

Upcoming Speaking Events

If you haven’t looked at our Speaking section lately, take a look. We’ve got a number of events and conferences coming up this spring. Did you know that we are available to speak at your conference, university or business?

We are available to speak on a variety of topics, including:

  1. Social Media Security Issues
  2. Privacy 2.0
  3. Phishing Scams in Social Media
  4. Security Procedures for Businesses
  5. The Mindset of Security
  6. Protecting Your Blog
  7. Twitter and FourSquare and GoWalla. Oh My!
  8. Do You Know What Your Children Are Sharing?
  9. Which Social Network is Safest?

Scam Spotting, No. 7: F’acebook Antivirus

Image: Facebook Scam: F’acebook Antivirus

Notice the misspelling in Facebook. Facebook was pretty quick to remove this particularly nasty scam, but not before hundreds of thousands of profiles were infected. People have been wising up and deleting these scams as soon as they appear, but this one doesn’t seem to want to be deleted! Users on Facebook forums have been complaining that after deleting it, the photo remains.

TIP: According to Facebook Insider, there is only one way to remove this scam from your profile:

  1. Open your photos
  2. Click the offending picture
  3. Look for your name in the list of people tagged
  4. Click the ‘Remove Tag’ link that appears beside your name
  5. The photo will then disappear. Just deleting it will not work.