Most of my hits lately have been people searching for information on bunga.at or another variant, like kirgo.at, nutpic.at, or 151.im. I’ve put together bits and pieces of information on the continuing Facebook phishing attack, but here’s a quick guide on what to do if you’ve already fallen for it:

  • IMMEDIATELY change your passwords, particularly if you use the same password for Facebook as you do for other sites, like your bank or e-mail. This is the most important thing you can do, and the number one way to protect yourself from further, serious damage.
  • Report the breach to Facebook by e-mailing them at privacy@facebook.com. They're likely getting dozens of e-mails on the topic every second, but if they have your info they might be able to scrub any damage done before it gets passed much further.
  • Post a link on your wall to articles like this or the Facebook Phishing Scam Awareness group and let your friends know you've been compromised. It happens, but spreading the word about what they can do can minimize the damage.
  • Check your sent messages: You might be able to see who you've forwarded the worm to, and if so you can reply to all the people and warn them not to click your link. This won't always work but is worth a try.
  • Run anti-virus. Some users who've been hit have reported getting attacked by a Windows executable, and de-activating whatever nasty payload you might have gotten should be your next priority after changing your passwords and trying to prevent the virus from spreading further. If you don't have anti-virus already installed, learn your lesson and at a minimum, go install AVG, which is free. Many, many schools and service providers also give out free anti-virus to their students and customers.

Facebook itself had a few anti-phishing recommendations:

  • Use an up-to-date browser that features an anti-phishing black list. Some examples include Internet Explorer 8 or Firefox 3.0.10.
  • Use unique logins and passwords for each of the websites you use.
  • Check to see that you're logging in from a legitimate Facebook page with the facebook.com domain.
  • Be cautious of any message, post or link you find on Facebook that looks suspicious or requires an additional login.
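The "facebook.com domain" check from the list above, written out as an added example (not code from Facebook or from the original post). The function name `checkLoginUrl` and the sample links are constructed for illustration; only the domain names themselves appear in the post.

```javascript
// Added example. TRUSTED_DOMAIN is taken from the advice above;
// checkLoginUrl and the sample links are constructed for illustration.
const TRUSTED_DOMAIN = "facebook.com";

function checkLoginUrl(link) {
  let url;
  try {
    url = new URL(link); // same WHATWG parsing rules a browser applies
  } catch (err) {
    return { ok: false, host: null, reason: "not an absolute URL" };
  }
  if (url.protocol !== "http:" && url.protocol !== "https:") {
    return { ok: false, host: null, reason: "not a web link" };
  }
  // hostname is already lower-cased; drop the optional trailing root dot.
  const host = url.hostname.replace(/\.$/, "");
  // Accept the domain itself or a true subdomain. The leading dot in the
  // suffix test is what rejects "notfacebook.com".
  const ok = host === TRUSTED_DOMAIN || host.endsWith("." + TRUSTED_DOMAIN);
  let reason = "host is on " + TRUSTED_DOMAIN;
  if (!ok) {
    // The trusted name may still show up somewhere else in the link.
    const decoy = (url.username + url.pathname + host).includes(TRUSTED_DOMAIN);
    reason = decoy
      ? "the trusted name appears in the link, but the real host is " + host
      : "host is " + host;
  }
  return { ok, host, reason };
}

// Constructed sample links; none of them is taken from a real message.
const samples = [
  "https://www.facebook.com/login.php",         // genuine host
  "https://FACEBOOK.com./",                     // same host, odd spelling
  "http://www.facebook.com.bunga.at/login.php", // trusted name used as a subdomain
  "http://www.facebook.com@kirgo.at/",          // trusted name in the userinfo part
  "http://151.im/facebook.com/login",           // trusted name in the path
  "http://notfacebook.com/",                    // suffix without a dot boundary
];
for (const link of samples) {
  const r = checkLoginUrl(link);
  console.log((r.ok ? "OK     " : "REJECT ") + link + "  ->  " + r.reason);
}
```

The part of the link that counts is the host between `//` and the next `/`, read from right to left: everything else can contain the text "facebook.com" without the page being Facebook's.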
