Tuesday, June 7, 2011

Anti-Social Networking

The more we tell the world, the easier it is for crooks to use information in ways we never intended.

    Published: 8/06/2011 at 12:00 AM
    Newspaper section: Business

Have you ever received an intriguing message posted on your Facebook wall - presumably from one of your friends - asking you to click the link provided? Or an advertising testimonial on Twitter from your favourite football player?

Perhaps you have found a fake Facebook account with your name and profile picture. That happened to a Thai university professor shortly after the Japanese earthquake, and visitors were tricked into believing that she was raising money for disaster relief.

Everyone these days enjoys using social networks, but the more we tell our friends - and the world - the more vulnerable we become to cybercrooks and scam artists. And now that businesses are increasingly using the likes of Facebook and Twitter for marketing, they too are becoming highly vulnerable to having their entire online presence compromised.

Identity theft is becoming a major danger for social network users, according to Kaspersky Lab, a Russian-based IT security and threat management company. For one thing, people don't always know their online friends in real life, and social networks do not usually verify the identities of users creating accounts.

Security experts say that "identity hijacking" involves a profile being created using the victim's real name, and then that person's real friends are infiltrated. The identity thieves cultivate their contacts and then threaten victims with the publication of embarrassing pictures or compromising comments. The only thing that will save their victims' virtual reputations is money.

A general user's information and picture offer a cybercriminal an easy point of entry to steal an identity and create a fake account, says Nakrop Niamnamtham, managing director of nForce Security Systems AP, an information security solution distributor.

"Social networks are a double-edged sword. In my own experience, I received negative reactions from my friends and later found that those friends had formed a bad impression based on messages and activities on my fake Facebook account," Mr Nakrop recalled.

In some cases criminals use the real name and photo of an attractive woman to create a fake account and lure men to transfer money. The real person has no idea what's going on.

Social networks are also becoming key distribution points for malware, or malicious software; the recent Koobface worm that affected Facebook is a prime example, according to Kaspersky Lab.

This secretive worm sent several waves of private messages to Facebook users, announcing that new photos featuring them had been published online. Clicking on the link in the message infected the user's PC, enabling it to be controlled remotely by hackers.

The PC then becomes part of what's known as a botnet, a network of computers that is used to attack other networks or for sending spam. Koobface distributes itself via existing user accounts and their friend lists on social networks.

It does so by sending comments and messages that contain, for example, links to fake YouTube pages, inviting users to download the current version of Flash Player to view the video. Instead of adding video or Flash to their systems, however, the worm infects them.

Nopchai Tangthritham, a technical director of Symantec, the US-based security software vendor, says that the inherent trust we place in social networks, especially of messages coming from friends, makes it easy for attacks to succeed.

He said his company also found that hackers were using shortened web links to hide malware, especially on Twitter.

Mr Nakrop noted that most social networks allow a user to set different privacy settings for confirmed friends in contrast to public strangers. Facebook distinguishes three groups of visitors - direct friends, friends of friends, or everyone - which helps classify the level of information and photos to share with others.

But how many users are aware of and know how to adjust their privacy settings? Despite repeated warnings and heavy media coverage, most people never touch their Facebook settings after initially making a few clicks on the day they set up their accounts.

Third-party applications such as games and horoscopes will ask users' permission to access their detailed information, so before using any third-party app via a social network, one needs to check its authenticity.

"Even for such a little piece of information such as a birthday that you share on your social networking site, a bad guy can use this basic information for an answer to a security question to verify your credit card identity," Mr Nakrop said.

Because so many people now use social network sites at work, threats to corporate IT networks are growing.

While some companies have IT policies that explicitly regulate the use of sites such as Facebook or Twitter, few block employee access to social networking sites because some departments have legitimate needs to use those sites for marketing, sales and customer service.

Mr Nakrop suggested that all companies should set security policies for social networks. For instance, if an employee posts photos or information related to customers on a personal Facebook account, that information could be leaked to rivals or have even worse consequences.

Meanwhile, existing security firewalls are not keeping up with new types of applications, particularly those related to social networks, YouTube or Skype. This is leading to increased demand for next-generation firewalls to use in organisational security.

Some security vendors, including Palo Alto Networks Thailand, are providing next-generation firewalls that allow businesses to set controls on the use of social networking or limit it to authorised employees. For instance, they may allow viewing and replying but not posting video or documents on a wall. This could prevent the posting of inappropriate content that violates the law or risks leaks of trade secrets.

-----

SOCIAL MEDIA ATTACKS

FACEBOOK

Likejacking: Cybercriminals create intriguing posts that exploit interest in seasonal events, celebrity news and even disasters. Users who click the links inadvertently act as accomplices to the attacker because the malicious scripts automatically repost the links, images or videos on their contacts' walls. A popular version of this attack causes user profiles to "Like" a Facebook page without their consent.

Rogue applications: Cybercriminals use Facebook's open platform to create applications for spam posts or phishing attacks.

Attacks via chat: Cybercriminals use Facebook's built-in chat feature to spread malware and to promote phishing applications.

TWITTER

Spammed tweets: Cybercriminals create compelling posts with links. Examples include promotions for free vouchers, job advertisements or testimonials for weight-loss products.

Malware downloads: The most popular tactic is the use of video-related posts, which lead users to a fake YouTube page where they could download a malicious file.

Twitter bots: Use of Twitter to manage and control botnet zombies.

MY THOUGHTS

This is getting scarier and scarier.