Helping you balance your online life

Apr 16th


5 Security Dangers of Social Networking

Dave Waterson is the CEO of data security company SentryBay, makers of DataMask.

With about one and a half billion social network users worldwide, those regularly using social networks are key targets of cyber criminals. Social network users should be aware of the dangers that lurk in the interconnected world.
1. Hoaxes
Every month several hoaxes circulate around social networks. They encourage people to click on a link in an enticing story. One such hoax that entrapped many was the Facebook "Dislike Button" hoax, which encouraged users to install a "Dislike button". However, rather than install this button, it installed malware called "Virotex" on the user's computer and stole private information. Other hoaxes allege that a celebrity's iPhone has been hacked, and by clicking on the link one can supposedly view a leaked sex tape. These are almost always hoaxes where the link downloads malware.

2. Social engineering
Social engineering techniques capitalize on the trust people have for their social network contacts. An example is the Koobface malware that propagated through Facebook and Twitter. Once it had infected a PC, the malware sent a message to social networking friends encouraging them to click on a link. It leveraged the trust that social networking users have in their online friends. When the friends clicked on the link, they were directed to a webpage that installed the malware on their systems.

3. Identity theft and data mining
Social networking sites encourage users to enter and share as much data as possible. However, this data may be exposed to cyber criminals who can gather the information and use it in a cyber attack. Armed with information about you, a cyber criminal is able to craft an individualized message to entice you to click on a link and perhaps enter sensitive information such as bank login data. The more the cyber criminal knows about his target, the more he is able to tailor the attack, and the greater the likelihood the attack will be successful. Social networks are used for this intelligence gathering by criminals.

4. Shortened URLS
Twitter, for example, can shorten URLs in tweets. The danger is that users cannot read the actual destination before clicking on the URL. Shortened URLs are a technique used to take unsuspecting users to malicious sites such as phishing sites, and sites that contain drive-by downloads.

5. Phishing attacks
Social networking users are a prime target for phishing attacks where users are encouraged to enter sensitive login details into a fake site.

Tips to stay safe while social networking:
1. Ensure that you have enabled the highest security settings within the social network
2. Use a different password for social networking than you use for online banking
3. Do not divulge too much sensitive information on your social network page
4. Be careful when clicking on links on social networking sites – some posts that appear to come from your trusted friends could be hoaxes
5. Install a data protection software package such as DataMask to help protect against phishing and other cyber attacks

As people spend more and more time social networking, the security dangers are likely to continue as the platform gains increasing attention from cyber criminals.