MIAMI -- Social networkers of the world, it's time to amp up your security software and put on your cynical cap before clicking on friend requests and links to "funny videos." Facebook and Twitter will be the top targets for cyber attacks in 2010, according to several security firms.
Networks such as Facebook are a gold mine of information for identity-theft scams. You might have stumbled upon a cyber-attack or two before on Facebook. It's usually an inbox message from someone you don't talk to often, with the message: "Hey is this you in this video? LOLZ!!!" followed by a strange link with random letters in it.
Click on the link, and it can take you to a site that will download a program designed to steal your personal information and spread the malicious link to all your Facebook connections, without you knowing it. The Koobface worm was one such program. In 2009, the CA Internet Security Business Unit found more than 100 mutations of that worm.
But it's more than inbox links. It can be a friend request from a fake account, or an invitation to an event that takes you to a page that looks like a Facebook event, but instead takes you to a page to download something.
Dave Marcus, director of security research and communications at McAfee, has seen a few of those tactics on Facebook, as well as sites with advertisements for fake products that steal your credit-card info when you think you're only buying something.
Those that recognize fakes are in the vast minority of users, Marcus said. This is because on social networks people are more trusting of links and get click happy. Users might think twice about clicking something unusual in an e-mail, but they are more likely to click without thinking on Facebook or Twitter.
The popularity of URL shorteners adds to the problem. Sites such as http://bit.ly or http://tinyURL.com let you paste in a long URL and then generate a link that is only a few characters long -- usually just random letters and numbers. URL shorteners are widely used on Twitter, which limits how many characters you can type.
URL shorteners mean users are getting used to clicking links not knowing where they're going, and trusting that nothing bad will happen.
"I think people need to look at the Internet with a little more skepticism and stop always accepting things being sent to them as real," Marcus said.
No comments:
Post a Comment