Tuesday, May 3, 2011

Social Networking and Security Risks



The popularity of Social Networking websites have been increased drastically.Every one from child to old are on a Social Networking website.Facebook,Twitter are some of them who are popular now a days.They can be used for professional networking  job searches , Internet Marketing etc...These Social Networking sites can be a very good source for entertainment and learning purpose but it also have it's own security risks about which many are not aware till now.These security risks can be very dangerous for general peoples and children's.

Previously i had gone deep into the Facebook scams spread over the world wide web on which i posted a article at my blog.Now I will aware you guys about the Social Networking Security Risks through my article exclusive on hackersbay.in

WHAT ARE SOCIAL NETWORKING WEBSITES ?

Social networking websites function like an online community of internet users. Depending on the website in question, many of these online community members share common interests in hobbies, religion, or politics. Once you are granted access to a social networking website you can begin to socialize. This socialization may include reading the profile pages of other members and possibly even contacting them. 

There are a variety of people in these websites whom we don't know..Online meeting is not enough to understand and study a people if he a right guy to do friendship with..There is always a risk of Blackmailing,Malware Spreading,Identity Theft etc..


Generally peoples who are aware of the risks and dangers  of Social Networking can take his way out of these crimes done via Social Networking and the Peoples not aware about this will surely be a prey...


There is a maximum of Social Engineering used by the Hackers in these crimes


=============================================================================
DANGERS/RISKS OF SOCIAL NETWORKING.


Facebook

Events and Questions

You must be knowing about the famous scam that was on Facebook some days before "View Who Viewed your Profile" . I remember i got more than 20 invites for that event..These events can be used by the hackers as a source through which they can use their social engineering skills on you.You cannot even know they are hackers and using their skills on you ... The new Facebook feature "Questions" will even help them

Now lets take a Example

You are invited to a Event called "About me" or A friend asked you through the Question feature..

They will include some questions because the topic itself tell About Me

1. What was my most embarrassing moment?
2. Which City you were born ?
3. What was the name of my first elementary school?
4. What was my favorite pet’s name?
5- What is your father's name


These question are not harmful to answer in a general conversation with your friends or relatives.But if you look at the questions carefully they are security questions asked in the SOCIAL NETWORKING SITES. Using this sensitive information to the secret questions they can access your account and you will be ruined.

You can read this story and think how you can suffer  

 Facebook Applications




Applications Facebook offers thousands of applications that its users can install and run. These applications include calendars that allow Friends to be reminded when it’s your birthday, tools to send Friends online greeting cards, quizzes on myriad topics and much more.





These Applications look totally harmless but in some cases it is not they are used by hackers to deliver malicious contents to your computer This holds true not only to Facebook, but also to other social networking sites and to the Internet in general, when downloading from the Web or opening attachments in email messages. Therefore, make certain that your computer has a proper and functional firewall, as well as up-to-date antivirus/anti-malware software, and only install or run these applications if they are from a trusted source or approved by your corporate IT department. We call them JAVA APPLETS or JAVA DRIVE-BY


TWITTER 
Twitter is an online application that allows you to post brief comments (tweets) on any topic. Other users on the Twitter network can become a follower of your tweets, such that they receive the updates whenever you send them.  Twitter Twitter is used for professional purpose so the risks here differs from Facebook.Generally Twitter is used by the celebrities,Companies they tweet their updates every time.Some body told me some one tweeted his twitter when the Osama kill mission started.

The employes may even tweet something that may be harmful for their company.The companies should keep a eye on the employes tweets or the tweets may be harmful for their future.


FRAUDS and HOAXES
weather it is Facebook or Twitter the online banking or day-to-day purchases, be aware of emails that claim to be from these sites but are actually hoaxes and may contain malicious content. If have received numerous emails that seems to be from  bank, yet are actually sent by a spammer in the hopes of obtaining the online username and password.

The messages may even contain an attached ZIP file that recipients are asked to open to see who invited them. The attachment will contain some Trojans and Malwares which can cause damage to your computer giving your sensitive information to the hacker

URL SHORTENING

Another form of hoax involves the shortening, of URLs in email messages or on websites  such as our favorites: Facebook,  Twitter.Often times, the links that we want to post can get very long, making them unwieldy or impossible to type in the small space allotted by the network sites. To get around this, third-party services such as http://tinyurl.com/ or http://bit.ly/ will “encode” the URL into a much shorter version.example - http://www.facebook.com/sauravhacker will turn into http://adf.ly/1PnMZ

Although the benefit of URL shortening is obvious, there is also a security risk associated with it, in that the shortened URL really does not tell you the true destination of the link. You only find out once you get there, which may be too late if that site happens to contains drive-by malware or content which should not be viewed by “sensitive” eyes. Therefore, make certain that you click on shortened URLs only if you trust the sender. Never click on them if they are contained in spam messages or on sites that you have any reason to consider suspicious.

You can use any longurl service also to long the shortened url.

PROTECTION

Use Different Passwords, Change Them Often: Each of your social networking sites as well as all other important websites should have different, complex password assigned to them, and they should be changed regularly. Since people often use the same password on multiple sites, one compromised account could easily lead to compromising other accounts.

Don’t Blindly Give Out Your Credentials: There are a lot of third party web-based services out there that make use of your social networking services. In the past, the only way for this to occur was to give your credentials to these services. This works, so long as these third party services weren’t somehow compromised, or worse, the services were not what they seemed to be.


Keep Your Operating System, Browser Patched: Ensure you have applied all the latest patches from Microsoft, Apple, or whomever supplies your computer’s underlying operating system. Ensure you are using the latest version of your web browser.  If you are using Internet Explorer–especially if you are using Internet Explorer version 6, as is standard on Windows XP, try using a third party browser such as Firefox or Google Chrome.

Browser Plugins Can Help: If you are using Firefox, there are plugins that can help expand those “short” URLs so you can see where it is they will take you. like LongURL

Antivirus: Always use a updated version of antivirus / Anti malware / anti rootkit . The updated version will be having it;s virus database updated which will help you recognizing and deleting those.


Click on links you trust from - Always click on links if you got from a trusted guy because the other links may contain trojans in them or even phishers.


 If you are aware about the Social Networking Risks you are secured from the hacker.It is not that i only mentioned about Facebook and Twitter means the risks are only on them. These risks exists in all the social networking sites but the hackers target the most popular which now a days is Facebook and Twitter

I missed something ?? Please tell me through your precious comments 


 References and Credits
-Phone Boy 
-Brad Dinerman
-Saurav

No comments:

Post a Comment