The message that popped into Laurie Gale's Facebook inbox last month seemed harmless enough — a friend had seen a video of her and had sent a link so she could view it.
The link led to a video site that prompted her to update her video software, which she did.
"Within seconds, everything started shutting itself down," says Gale, a 37-year-old lamp-works artist from Versailles, Ky.
Gale's new Dell Inspiron laptop had been infected with malicious software, or malware, that has spread through social networking sites like Facebook and MySpace.
"I cried for an hour," Gale says. It took a trip to the local computer repair shop and several phone calls with Dell customer-service representatives for her to restore the computer to its factory settings. "It was three days of torture."
The popularity of social networks and social media sites has grabbed the attention of cyber crooks searching to pilfer passwords, called "phishing," and steal sensitive personal information.
The hackers are exploiting users' sense of safety within these sites, says Pat Clawson, chief executive of Lumension Security, a computer security company.
Earlier this month, Twitter, a social site in which users communicate in short bursts of text, was hit in a campaign to steal users' account passwords. On business-networking site LinkedIn, criminals set up fake celebrity profiles that, when visited, downloaded malware onto users' machines.