The popularity of social networking sites such as Facebook, Twitter and LinkedIn is continuing to grow dramatically, but not just with users. Cybercriminals increasingly are targeting these sites and their troves of sensitive, personal information.
"While many of these sites are great for finding friends and connecting with business partners, users are sharing more information than ever before - and the bad guys are taking note," said Andy Hayter, anti-malcode manager of ICSA Labs. "And it is not just about the sensitive data that users are exposing; the threats are also coming from scams, viruses and other forms of malware that can take many forms on these sites."
ICSA Labs, an independent division of Verizon Business, offers these helpful tips on how consumers can enjoy social networking while protecting themselves from security threats:
- Be wary of worms, Trojans and botnets that can infect and take control of your computer. Access to sensitive documents and personally identifiable information poses a significant threat to users. The Koobface worm, for instance, infected hundreds of thousands of Facebook users in June. Users received a video claiming to be from a Facebook friend, but after downloading the video, the worm distributed the malware to a user's Facebook friends and granted attackers full access to the user's computer.
- If you receive a request to connect from someone you do not know, do not accept it. Trojans are infamous for tricking victims into providing sensitive information and are increasingly surfacing on social networking websites. By taking over a user's contacts or "friend" list, the Trojan sends invitations to the user's friends to try to infect their computers as well. The ZeuS Trojan is one example of malware that is remotely controlled by criminals who infect computers, wait for users to log on and then try to gain access to their bank accounts.
- Do not share too much personal information. Hackers can easily piece together different bits of information posted to Facebook and other sites and compile a complete profile of an individual's identity, especially using birth date information. With this knowledge, hackers can trick users with targeted information that only a "friend" would know.
To safeguard against misuse of personal information, it is important for users to review and understand the privacy policies on social networking sites to make sure they disclose personal information. In addition, users should regularly check their credit report and other financial statements to verify their identity is unharmed.
- Be careful where you click. Just because a link came to a user from someone the user knows - a "friend" - does not mean it is safe. Users can easily check by rolling over the link for a moment before clicking to verify the Web address is legitimate. Link shorteners, such as bit.ly and tinyurl, are becoming common practice and making hackers' jobs even easier as they try to mislead victims into clicking on malicious links.
- Use and frequently update software security programs. Updating security software is the simplest way to protect a computer from malware like worms, viruses, Trojans and clickjacking. Users should make sure that their anti-virus, firewall and spyware products are up-to-date and that they have installed the latest software upgrades. Products should also be certified by an accredited third-party organization, such as ICSA Labs, and meet the appropriate standards.
Added Hayter, "A lot of it comes down to 'whom do you trust?' and making smart decisions about who users accept as their friends on these sites. If users pay close attention to whom they are connecting with, what they are clicking on, what they post on these sites and keep their security software updated, they'll be in a much safer place."
About ICSA Labs
ICSA Labs, an independent division of Verizon Business, offers third-party testing and certification of security products and network-connected devices, such as printers and faxes, to measure product compliance, reliability and performance to many of the world's top security vendors. Visit http://www.icsalabs.com and http://www.icsalabs.com/blogs for more information.
About Verizon Business
Verizon Business, a unit of Verizon Communications (NYSE, NASDAQ: VZ), is a global leader in communications and IT solutions. We combine professional expertise with one of the world's most connected IP networks to deliver award-winning communications, IT, information security and network solutions. We securely connect today's extended enterprises of widespread and mobile customers, partners, suppliers and employees - enabling them to increase productivity and efficiency and help preserve the environment. Many of the world's largest businesses and governments - including 96 percent of the Fortune 1000 and thousands of government agencies and educational institutions - rely on our professional and managed services and network technologies to accelerate their business. Find out more at www.verizonbusiness.com.