RISMEDIA, September 9, 2010–The popularity of social networking sites such as Facebook, Twitter and LinkedIn is continuing to grow dramatically, but not just with users. Cybercriminals increasingly are targeting these sites and their troves of sensitive, personal information.
“While many of these sites are great for finding friends and connecting with business partners, users are sharing more information than ever before — and the bad guys are taking note,” said Andy Hayter, anti-malcode manager of ICSA Labs. “And it is not just about the sensitive data that users are exposing; the threats are also coming from scams, viruses and other forms of malware that can take many forms on these sites.”
ICSA Labs, an independent division of Verizon Business, offers these helpful tips on how consumers can enjoy social networking while protecting themselves from security threats:
1. Be wary of worms, Trojans and botnets that can infect and take control of your computer. Access to sensitive documents and personally identifiable information poses a significant threat to users. The Koobface worm, for instance, infected hundreds of thousands of Facebook users in June. Users received a video claiming to be from a Facebook friend, but after downloading the video, the worm distributed the malware to a user’s Facebook friends and granted attackers full access to the user’s computer.
2. If you receive a request to connect from someone you do not know, do not accept it. Trojans are infamous for tricking victims into providing sensitive information and are increasingly surfacing on social networking websites. By taking over a user’s contacts or “friend” list, the Trojan sends invitations to the user’s friends to try to infect their computers as well. The ZeuS Trojan is one example of malware that is remotely controlled by criminals who infect computers, wait for users to log on and then try to gain access to their bank accounts.
3. Do not share too much personal information. Hackers can easily piece together different bits of information posted to Facebook and other sites and compile a complete profile of an individual’s identity, especially using birth date information. With this knowledge, hackers can trick users with targeted information that only a “friend” would know.
To safeguard against misuse of personal information, it is important for users to review and understand the privacy policies on social networking sites to make sure they disclose personal information. In addition, users should regularly check their credit report and other financial statements to verify their identity is unharmed.
4. Be careful where you click. Just because a link came to a user from someone the user knows – a “friend” – does not mean it is safe. Users can easily check by rolling over the link for a moment before clicking to verify the Web address is legitimate. Link shorteners, such as bit.ly and tinyurl, are becoming common practice and making hackers’ jobs even easier as they try to mislead victims into clicking on malicious links.
5. Use and frequently update software security programs. Updating security software is the simplest way to protect a computer from malware like worms, viruses, Trojans and clickjacking. Users should make sure that their anti-virus, firewall and spyware products are up-to-date and that they have installed the latest software upgrades. Products should also be certified by an accredited third-party organization, such as ICSA Labs, and meet the appropriate standards.
Added Hayter, “A lot of it comes down to ‘whom do you trust?’ and making smart decisions about who users accept as their friends on these sites. If users pay close attention to whom they are connecting with, what they are clicking on, what they post on these sites and keep their security software updated, they’ll be in a much safer place.”