Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • IT Management
    • Networking

    Telling Friends from Dangerous Foes in Social Network Security Maze

    By
    Brian Prince
    -
    December 2, 2009
    Share
    Facebook
    Twitter
    Linkedin

      PrevNext

      1Telling Friends from Dangerous Foes in Social Network Security Maze

      1

      by Brian Prince

      2Koobface Versus Facebook

      2

      Koobface has emerged as perhaps the most notorious worm affecting social networking sites. Variants of the worm have touched down on Facebook, MySpace and other sites such as hi5. Recently, the minds behind the malware discovered a way to automate the registration process for Facebook, as well as the process of adding friends and leaving messages with links to sites with malware on their Facebook walls.

      3Social Networking Spam

      3

      Spammers dont just use e-mail. They also use the messaging functionality of social networks to send out links to various sites, particularly sites with adult content. Earlier this year, researchers at AVG Technologies reported finding evidence that attackers circumvented Facebooks CAPTCHA technology in order to automate the creation of accounts and use them to spam out links to sites hosting rogue antivirus programs.

      4Stopping Spam in Its Tracks

      4

      Facebook uses a number of techniques to fight spam, including monitoring user activity for irregularities, such as a high number of rejected friend requests. One way Facebook fights spam from phished accounts is by detecting suspicious logins—if someone appears to be logging in from an unfamiliar location for example. If a user believes his or her account has been compromised to send spam, they should immediately reset their password and run an antivirus scan.

      5Phishers Hook Facebook, Twitter

      5

      Phishers take advantage of the popularity of sites like Twitter and Facebook by spamming out links leading to phony versions of the sites. A recent example of this is a scheme observed by Sophos in October where Twitter users were receiving links that led to a phony Twitter login page.

      6Fighting Phishers

      6

      For businesses worried about their employees who use social networks, the best defense against phishers is education. Consider showing employees real phishing e-mails so they are familiar with the tactics phishers use.

      7Shortened URLs Can Conceal Danger

      7

      The success of Twitter has made URL shortening services like Cligs and TinyURL extremely popular. Spammers have taken notice. Earlier this year, Symantecs MessageLabs reported the Donbot botnet was responsible for a spike in spammers abusing URL shortening services. During a three-day period in July, spam containing short URLs went from virtual nothing to 2.23 percent of all spam—some 3.5 billion spam messages a day.

      8Third-Party Apps Challenge Security

      8

      The ability of users to upload content and design is something by its very nature that is going to challenge security. When Facebook receives reports about vulnerabilities in third-party applications, the site notifies the developers, and may disable or sandbox applications until the issue is corrected. In the meantime, developers should make sure they check their applications for common vulnerabilities, and users should stay wary.

      9The Identity Issue

      9

      One of the most difficult issues to solve is the problem of people creating fake profiles. These profiles can be used to lure unsuspecting victims. For example, McAfee noted an uptick of fake LinkedIn profiles in January that hosted links leading to malicious sites.

      PrevNext

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×