It seems that everybody is on some kind of social network these days. Checking out what our friends are doing has become part of daily routine. In today’s world, they are the ideal tool for keeping in touch, but they also represent one of the biggest sources of danger.
A new IBM X-Force report shows there are some very interesting insights about the cybercriminal’s use of social networks as a springboard into you computer and various accounts.
Social networks – especially Facebook – have seen an adoption rate so high that every other technology pales in comparison. They can be accessed not only through a computer, but also via mobile devices, and that makes them eminently accessible.
But, even though the technology is new, the threats coming at us from this source are not.
Phishing, malware, 419 fraud schemes, identity theft, data harvesting, accounts as command and control channels for systems harnessed in a botnet – all of these nefarious schemes have been around for quite some time, usually using emails as a bridge to access the victim.
But social networks have a characteristic that makes them especially useful to cybercriminals – they have an informal feel. You choose your contacts, and that single act of approving them once makes it more unlikely to question the nature of messages and fail to recognize the danger in some of them.
“We’re all friends here,” you’re thinking to yourself, and you’re mind chooses to ignore the things that would usually set off alarm bells in your head. Who knows – maybe it’s our inherent sense of safety that we get when surrounded by lot of people? Safety in numbers, so to speak. In any case, most of us are just less careful.
The author of the article in the report regarding social networks has concluded with a great piece of advice that everybody should take to heart: Trust, but verify.
“If your friend sends you a link that looks questionable, make sure it’s legitimate prior to clicking on it. If they send you a message about being stuck in a foreign land and need money, ask them specific questions that only they would know to verify their identity. If you receive a software update from your favorite site, don’t install it. Instead, in another browser window, visit the vendors’ site directly and verify that an update is necessary,” he says.
In this new world, where the Internet is strewn with malicious sites and a playground for malicious persons, it pays to think twice before you click.
To get more in-depth information about the various schemes that take advantage of social networks, download the report here.