A recent BitDefender survey found that Facebook scams spread because a majority of users don't warn friends when an app goes viral on their newsfeeds.
Social networking sites can do so much more to protect their
users from malware and social engineering attacks. A recent research study
suggests users have to shoulder some of the responsibility, too.
A majority of users are unaware that posts on Facebook could
pose a security risk and those who were aware did not warn their friends of suspicious
links, according to the results of a BitDefender study released March 29.
In a survey of 2,700 users between the ages of 18 and 65,
BitDefender found that only about 43 percent of the responders warned their
friends if they noticed suspicious posts and activity on their friends'
newsfeeds. Most of the participants clearly recognized the threats, as 87 percent
said they had noticed when a suspicious application went "wild" on their
friends' news feeds, such as the number of people who have viewed the profile,
wrote Sabina Dactu, e-threats analysis and communications specialist at
BitDefender, on the MalwareCity
Despite recognizing something was wrong, a majority of the
survey participants, or 68 percent, didn't warn their friends because they had
clicked on the link themselves and helped spread the infection, Dactu said.
Others either didn't have the time to let friends know or just didn't want to
bother, she said.
"Friendship has its limits, doesn't it?" Dactu wrote.
On average, participants had 137 friends on a social
network, but nearly 42 percent of those friends were people they didn't
actually know, according to BitDefender's report.
A separate report by ID Analytics released March 22 reached
similar conclusions. Men on social networking sites were more likely than women
to accept "friend" requests from members of the opposite sex, regardless of how
well they know the requester, the ID Analytics report found. In fact, the
report estimated that 5 percent of adults in the United States will accept any
friend request they receive, even if it came from a stranger, according to the
The concept of a friend is very fluid in the online world, Thomas
Oscherwitz, chief privacy officer for ID Analytics, told eWEEK. People are
beginning to realize that they are exposing a lot of private information to
these strangers on social networking sites.
BitDefender also recently analyzed Facebook scams and found
that the top techniques offered some kind of stalking, such as letting users
see "who viewed your profile," or features that Facebook doesn't offer, such as
"who poked me the most," according to BitDefender. "Profile traffic insights,"
or stalking apps, accounted for 34.7 percent of the analyzed scams. BitDefender
estimated that this particular type of scam has generated more than 1.4 million clickthroughs.
"Shocking images" accounted for 14.1 percent, and were links
to fake news articles or videos with titles about how amazing or frightening
the following item was. There were also scams for games not actually offered by
Facebook, which made up 8 percent, according to BitDefender's analysis.
While most of these malware apps are eventually shut down by
Facebook, some of these apps can do more than just spam newsfeeds and trick
users into filling out surveys. They have access to users' personal
information, which can be used by the attackers in a follow-up targeted attack,
or sold to someone else, according to BitDefender.
A staggering 93 percent of the respondents stated that they
either don't need a security solution for Facebook or that they were unaware of
the existence of these solutions, said Dactu.