In a presentation at RSA, Sophos security expert Graham Cluley outlined some of the main threats targeting Facebook, Twitter and other social networking sites and what strategies need to be adopted to fight them.
From Koobface to spam to fake Facebook Fan pages, attacks targeting
social networks are evolving to bring a new level of insecurity to an
enterprise.In his presentation Wednesday at the RSA Conference in San Francisco, Sophos Senior Technology Consultant Graham Cluley detailed some of the common types of attacks and what needs to be done about them. The attacks spanned from instances of phishing to incidents involving assumed identities, such in one scam where someone created a fraudulent Facebook Fan page for Cluley himself.
"When you've got a big enough orchard, there's going to be some bad apples," he told the audience.
The attacks work, of course, because people are more trusting of
information that appears to be coming from people they know, he said.
In a test, researchers created two Facebook profiles - one with a
rubber duck as the profile picture and the other one with a cat - and
sent out 100 friend requests to people in the same age group as the
bogus account holders.What they found will probably be unsurprising to most security pros -
more than 40 percent of the people requested accepted the invites from
the fictitious accounts."It
was actually slightly worse with the cat...because we had people we
hadn't even approached decide to become friends with us, because they
(saw) their other friends become friends with us," Cluley said.Such
tricks can be used to lure users into clicking on malicious links or
other content as well. For that reason, social networks need to do a
better job of scanning for malicious content, Cluley said. With more
people using Facebook instead in place of regular e-mail, users need to
get the same level of malware scanning that would expect from their
webmail services, he said."We
need to the social networks to scan that kind of information...there's
too much relying on the users to report bad actors," he said.Social
networks have their work cut out for them. In a recent survey of 502 IT
pros, Sophos found more than 33 percent had received malware through a
social networking site.Facebook cut a deal with
McAfee recently to add another layer of security for its users.
Last month, the companies announced a deal McAfee would offer the
owners of compromised Facebook accounts a free remediation tool, and
Facebook users were offered a complimentary six-month subscription of
that many businesses have chosen to ban social networks, Cluley
suggested enterprises instead consider educating their employees about
social engineering risks, as well as other best practices such as not
using the same password for multiple sites."Just remember - just because someone says they're you're friend, doesn't mean they necessarily are," he said.