Survey reveals social networkers’ risky behaviors

Members of online social networks may be more vulnerable to financial loss, identity theft and malware infection than they realize, according to a new survey from Webroot.

Surveying over 1,100 members of Facebook, LinkedIn, MySpace, Twitter and other popular social networks, Webroot uncovered numerous behaviors that put social networkers’ identities and wallets at risk. Among the highlights:

  • Two-thirds of respondents don’t restrict any details of their personal profile from being visible through a public search engine like Google;
  • Over half aren’t sure who can see their profile;
  • About one third include at least three pieces of personally identifiable information;
  • Over one third use the same password across multiple sites; and
  • One quarter accept “friend requests” from strangers

Social Networks Present New Opportunities for Cybercriminals

Cybercriminals employ various types of trickery and malware to capitalize on risky behaviors. One common tactic is phishing, which hackers use to entice victims into downloading an infected file, visiting a disreputable site outside the social network, or wiring money to a “friend in distress.”

In recent months, Webroot has seen an increase in these types of attacks on social networks, including “Trojan-MyBlot,” which targeted users of, and others targeting Facebook users including “Koobface” and several spread through the domains “,” “” and “”

Sophisticated means to execute attacks on social networks: The Webroot survey respondents who reported experiencing identity theft, a hijacked account and unauthorized username or password changes may have been victimized by hackers who were able to access their profiles and guess their passwords based on the personal information they included.

Summary of Key Findings

Results of the Webroot survey indicate a general lack of awareness of the security risks on social networks and the tools available to protect personal information, as well as higher rates of risky behaviors exhibited by younger social networkers.

Social networkers make private information public:

  • 80 percent allow at least part of their profiles to be searchable through Google or other public search engines; 66 percent don’t restrict any profile information from being visible through public search
  • Over half (59 percent) of respondents aren’t sure who can see their profile
  • Over one quarter (28 percent) accept friend requests from strangers; of those, one third (36 percent) do not cloak any of their profile information
  • About one third (32 percent) include at least three pieces of identifiable information

Privacy concerns outweigh protective actions:

  • 78 percent expressed some concern over the privacy of the information they share in their profiles
  • However, 36 percent use the same password across multiple sites
  • And 30 percent do not have adequate protection against viruses and spyware

Younger users take more risks – 18-29 year olds are more likely to:

  • Use the same password across multiple sites (51 percent, versus 36 percent overall)
  • Accept a friend request from a stranger (40 percent, versus 28 percent overall)
  • Share more personal information that may compromise online privacy (67 percent share birth date, versus 52 percent overall; 62 percent share home town, versus 50 percent overall; 45 percent share employer, versus 35 percent overall)
  • Experience a security attack (nearly 40 percent, versus 30 percent overall)

Don't miss