SECURITY: Security and Social Networking - Are You Protecting Yourself
Recent Gauteng Business News
According to Nielsen, the amount of time spent by people across the world on social networking sites is growing at a rate of 82% a year, with users spending hours of their time every month on sites like Facebook, Twitter and YouTube. While social networking has changed the way in which people interact and even do business, it has also opened up users and companies to a wide range of risks in the form of security threats. As usage continues to grow, these threats only become bigger and more of a risk.
The very nature of sites like Facebook encourage users to share details about themselves that they would not necessarily tell a stranger in a bar, and yet some people are more than willing to place personal information on a public forum that the whole world can see. This makes people vulnerable not only to identity theft but a host of other sinister threats. The reality is that the more time people spend online using social networking websites, the more time and opportunity this gives cyber criminals to obtain detailed information about users, exposing them to threats and making them victims of what has become the most profitable form of crime in the world.
Hacking is one danger when using social networking sites. If your profile is hacked, cyber thieves will be able to access all of your information, even that which is kept private from strangers, including your name and surname, date of birth, contact details, school history and so on. When combined with keystroke logging software and Trojans, these details can be used for many malicious acts.
For instance, if a cyber criminal gets hold of your bank login details using a Trojan, and then uses this to access your account and transfer funds, the bank may phone for confirmation. The criminal may have already been able to change your telephone details through the information they have gleaned by hacking your social networking profile, and will then have all of the necessary information to confirm the transaction without your knowledge. This information may also be sold on the black market to the highest bidder, a highly lucrative trade in the cyber crime industry.
Personal details gathered from these public forums may also be used in other ways, such as spear phishing, a more sophisticated version of phishing. Spear phising enables a cyber criminal to target a specific person by getting them to disclose personal details or open an infected link or attachment. These emails are cleverly masked, appear genuine and have a high probability of success.
Social networking worms and Trojans have also become a reality. These worms propagate across social networking sites, infecting machines through links and applications, creating large botnets and enticing users to share these links or applications with their friends, thereby hacking more machines and enlisting even more hapless victims into the botnet. In fact one such worm, known as Koobface, has been hailed by researchers as the largest botnet in Web 2.0.
Third party applications on social networking sites are a dangerous business. Aside from frequently masking malicious software tools, the third party platform applications for Facebook often give application developers access to far more information than they need to run their applications, including personal details, pictures, interests and so on. If the application developer is less than honest then this information can be sold, often for large profits, to advertising companies or cyber crime syndicates.
Cyber crime has overtaken the drug trade as the most profitable form of crime in the world, and social networking is often the platform used to perpetrate these crimes. In fact it has become an area of extreme interest for the FBI in the United States, which is now looking into the online black market and listing the most wanted traders on their database and tracking them down. However the reality is that they will never be able to catch all of the criminals out there, so it is up to users of social networking sites to do everything they can to protect themselves from harm.
Users need to educate themselves on the nature of the threat, and become as sceptical of people, links and applications in social networking the same as they would be on emails. It is also a good idea to limit the amount of personal information shared on social sites. As a rule of thumb, if you would not tell it to a stranger, do not put it on your profile.
Another point to bear in mind is to be wary of shortened links. These have become common practice, especially on Twitter where the number of characters on an update is limited, but these links can easily mask redirects to malicious sites and the user will be unaware of the fact. Again, be sceptical and do not click on a link from someone you do not explicitly trust.
It is also advisable to have sophisticated security software to protect against malicious threats and to remove worms, Trojans and so on before they can do too much damage. Look for a solution that has a range of scanners and barriers and maintains a database with all of the latest signatures of Trojans, Cookies and Key loggers and ensure that the definitions are updated at least once a day if not more to make certain that protection covers the latest threats.
Social networking is here to stay and we cannot avoid all of the risks. We can however manage them through a combination of education, awareness, common sense and the very best in sophisticated security software.
Business News Sector Tags: Business| Media| Security| Infotech|