Social Network Scams: Biggest Security Threat For 2011

Facebook may not be up to the job of securing its service, or may not care, warns Graham Cluley of Sophos

Sophos, an IT security and control company, has been vociferously critical of Facebook and its attitude towards the personal security of its users. In its annual review of last year's malware scene and the prospects for 2011, the company lays out some of the reasons why.

Just this week, Sophos criticised Facebook for the social network’s decision to allow application developers to access users’ phone numbers and addresses. Facebook pointed out that this was only by consent of the user but has, at least temporarily, withdrawn its plans.

Facebook Attacks Have Doubled

Graham Cluley, senior technology consultant at Sophos, told eWEEK Europe, “Facebook has turned about face a little bit because there was so much outcry regarding the sharing of data and the lax attitude they were showing about it – which is good because it showed them that people didn’t love Facebook as much as it thought. But I think we have to wait to see what they are really going to do.”

In the Sophos report, Security Threat Report 2011, the analysis of last year claims that cyber attacks on social networks more or less doubled between April 2009 and December 2010. With over 500 million users, Facebook is by far the most important social networking site and should be, Cluley maintains, leading the way in protecting its users.

“I think there are two possibilities with Facebook. One is that they simply don’t get privacy and security. The only other possibility is that they don’t care. I’d like to think it’s still possibly the first one and they might learn – but I’m beginning to increasingly suspect it might be the second.”

Friendly Environment Helps Scammers

For the report, Sophos asked 1,273 users about their Facebook experiences. Two-thirds of the sample claimed to have been spammed and 43 percent claimed to have been targeted by phishing attacks. The reason, Cluley said, is that users feel they are in a secure environment and are much more likely to click on links that apparently come from friends than they are when responding to emails.

“I think [the scammers] are doing this because they find it easier to get their links and other dangerous stuff to people via social networks than they do by traditional email. That’s why we need Facebook, in particular – but there are others as well – to up their game when it comes to security,” he said. “They should be scanning every message to see if it contains a malicious link. They should be scanning to see if it contains spammy content. Just like Gmail, Yahoo and Hotmail do.”

He pointed out that the plans to issue every user with a facebook.com email address this year will introduce new opportunities for cyber-crime and will open people up to even more abuse.

Although 82 percent of the survey sample felt that Facebook posed the biggest risk, the report indicates that the biggest and most successful attack of 2011 was the so-called “onMouseOver” worm that hit Twitter users. This cross-site scripting attack hit several high-profile Tweeters.

WikiLeaks Attacks Show Corporate Threat

Cluley also warned of distributed denial of service (DDoS) attacks like those which followed the hounding of WikiLeaks and forced the site to switch hosting providers repeatedly. The fact that a corporate site can be brought down by such DDoS attacks shows how vulnerable a company's Web presence has become.

The problem is that senior managers do not recognise the value of investments that successfully block DDoS attacks, simply because when the defence works nothing much appears to happen. Most companies will not invest in securing their Internet presence until something bad happens to them, says Cluley.

Education is the key to security awareness. Sophos has an educational toolkit for companies that want their staff to be more aware of the social networking threat. However, there are many areas where the average user lacks the knowledge of how to avoid malware.

“Many computer users still don’t realise that you can wind up with something nasty on your machine simply by visiting a Website,” Cluley said. “Over the year we saw an average of 30,000 new malicious URLs every day – that’s one every two to three seconds. More than 70 percent of these are legitimate Websites that have been hacked.”